Summary
Zenity Labs discovered the PleaseFix vulnerability family in Perplexity Comet, which allows attackers to hijack AI agents via indirect prompt injection to exfiltrate local files and take over 1Password accounts.
Take Action:
Update your Comet browser, or even better, wipe it from your system. It's too dangerous. Treat AI agents as untrusted insiders and manually restrict their access to sensitive websites or local files. Always enable 'ask before filling' in your password manager to prevent agents from accessing credentials without your explicit consent.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)