Zenity Labs disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to hijack AI agents, access local files, and steal credentials within authenticated user sessions. The vulnerabilities can be triggered through malicious content embedded in routine workflows, enabling unauthorized actions without user awareness. The disclosure includes PerplexedBrowser, a subfamily of vulnerabilities in the Perplexity Comet browser that consists of two distinct exploit paths. Both stem from indirect prompt … More
The post The vulnerability that turns your AI agent against you appeared first on Help Net Security.
