Zenity today detailed how a zero-click attack could be launched against the Comet AI browser developed by Perplexity.

Security Boulevard is a leading cybersecurity news and information portal, offering articles, analysis, and insights on cybersecurity threats, vulnerabilities, and best practices. From the latest trends in cyber threats to expert commentary on security technologies and compliance frameworks, Security Boulevard provides resources for security professionals, IT leaders, and business executives seeking to protect their organizations from cyber attacks and data breaches.

Security Boulevard

Zenity has disclosed a zero-click vulnerability called PerplexedComet affecting Perplexity's Comet AI browser. The attack uses indirect prompt injection embedded in a benign calendar invite to trigger autonomous agent behavior without user interaction. Once the AI accepts the meeting, it can access the local file system, read sensitive files, and exfiltrate data to an attacker-controlled server. Perplexity was notified in October and implemented harder boundaries last month to block this specific attack. However, the broader class of indirect prompt injection vulnerabilities remains a risk across AI agent workflows, as these attacks require no exploit, no clicks, and often evade detection until after data has already been transmitted. The recommended mitigation is enforcing explicit permission grants before AI browsers or agents can access tools and services.

Zenity Details Perplexity AI Browser Vulnerability