Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes

Agentic web browsers that leverage artificial intelligence AI capabilities to autonomously execute actions across multiple websites on behalf of a user could be trained and tricked into falling prey to phishing and scam traps. The attack, at its core, takes advantage of AI browsers' tendency to...

PleaseFix Flaw Lets Hackers Access 1Password Vault via Comet AI Browser

Researchers at Zenity Labs uncover PleaseFix flaws in Perplexity’s Comet browser. See how zero-click calendar invites allow AI agents to steal 1Password credentials and personal files...

HashJack Attack Uses URL ‘#’ to Control AI Browser Behavior

Cybersecurity firm Cato Networks reveals HashJack, a new AI browser vulnerability using the '' symbol to hide malicious commands. Microsoft and Perplexity fixed the flaw, but Google's Gemini remains at risk...

Secure Retrieval-Augmented Generation against Poisoning Attacks

Large language models LLMs have transformed natural language processing NLP, enabling applications from content generation to decision support. Retrieval-Augmented Generation RAG improves LLMs by incorporating external knowledge but also introduces security risks, particularly from data poisoning...

Malicious Perplexity Comet Browser Download Ads Push Malware Via Google

Attackers are exploiting Google Ads with fake Comet Browser download links to spread malware disguised as Perplexity’s official installer. The campaign, tracked by DataDome, has ties to DarkGate...

EUVD-2025-21932

Malicious code in bioql PyPI...

CVE-2025-50709

An issue in Perplexity AI GPT-4 allows a remote attacker to obtain sensitive information via a GET parameter...

CVE-2025-50709

An issue in Perplexity AI GPT-4 allows a remote attacker to obtain sensitive information via a GET parameter...

CVE-2025-50709

An issue in Perplexity AI GPT-4 allows a remote attacker to obtain sensitive information via a GET parameter...

PT-2025-38157

Name of the Vulnerable Software and Affected Versions: Perplexity AI GPT-4 affected versions not specified Description: An issue in Perplexity AI GPT-4 allows a remote attacker to obtain sensitive information via a GET parameter. Recommendations: At the moment, there is no information about a new...

CVE-2025-50709

CVE-2025-50709 affects Perplexity AI GPT-4. The issue allows a remote attacker to obtain sensitive information via a GET parameter. CVSSv3.1 base score 4.3 (Medium), attack Vector: Network, attack Complexity: Low, Privileges Required: Low, User Interaction: none. Connected sources confirm Perplex...

Perplexity AI Web Application 安全漏洞

Perplexity AI Web Application is a big data search engine application utilizing a big language model from Perplexity, Inc. in the United States. A security vulnerability exists in Perplexity AI Web Application that stems from a GET parameter that could lead to the disclosure of sensitive...

CVE-2025-50709

An issue in Perplexity AI GPT-4 allows a remote attacker to obtain sensitive information via a GET parameter...

Perplexity AI ignores no-crawling rules on websites, crawls them anyway

Imagine putting up a no-trespassing sign for people walking their dogs, and then finding out that one person dresses up their Great Dane as a calf and walks it on your grounds. Well that's sort of what AI answer engine Perplexity has been doing, by evading the no-crawl directives of websites,...

CVE-2025-50708

An issue in Perplexity AI GPT-4 v.2.51.0 allows a remote attacker to obtain sensitive information via the token component in the shared chat URL...

CVE-2025-50708

An issue in Perplexity AI GPT-4 v.2.51.0 allows a remote attacker to obtain sensitive information via the token component in the shared chat URL...

Perplexity AI Web Application 安全漏洞

Perplexity AI Web Application is a big data search engine application utilizing a big language model from Perplexity, Inc. in the United States. A security vulnerability exists in Perplexity AI Web Application GPT-4 version 2.51.0, which stems from mishandling of the token component and could lea...

CVE-2025-50708

An issue in Perplexity AI GPT-4 v.2.51.0 allows a remote attacker to obtain sensitive information via the token component in the shared chat URL...

PT-2025-30092 · Unknown · Perplexity Ai Gpt-4

Name of the Vulnerable Software and Affected Versions: Perplexity AI GPT-4 version 2.51.0 Description: An issue allows a remote attacker to obtain sensitive information via the token component in the shared chat URL. Recommendations: At the moment, there is no information about a newer version th...

CVE-2025-50708

CVE-2025-50708 affects Perplexity AI GPT-4 v2.51.0. The issue is in the token component of the shared chat URL, enabling a remote attacker to obtain sensitive information (confidentiality impact). CVSS: Network attack vector, low attack complexity, no privileges required, no user interaction, wit...