CommetJacking attack tricks Comet browser into stealing emails (www.bleepingcomputer.com)
from BrikoX@lemmy.zip to cybersecurity@sh.itjust.works on 04 Oct 12:53
https://lemmy.zip/post/50240494

A new attack called ‘CometJacking’ exploits URL parameters to pass to Perplexity’s Comet AI browser hidden instructions that allow access to sensitive data from connected services, like email and calendar.

#cybersecurity

threaded - newest

xxce2AAb@feddit.dk on 04 Oct 13:25 collapse

This is a simple prompt injection, which is not leading to any impact. As such, this has been marked as Not Applicable

Except for the silent exfiltration of private user data, but that’s apparently not important to Perplexity.

Use a real browser, people.