Zenity has disclosed a zero-click vulnerability called PerplexedComet affecting Perplexity's Comet AI browser. The attack uses indirect prompt injection embedded in a benign calendar invite to trigger autonomous agent behavior without user interaction. Once the AI accepts the meeting, it can access the local file system, read
Sort: