Particle.news

Download on the App Store

SquareX Report Details Real-World Exploits in AI Browsers Using Comet as Test Case

SquareX details practical exploits in Perplexity’s Comet to argue for browser-native safeguards.

Overview

  • Researchers showed an OAuth attack against Comet that granted full access to a victim’s Gmail and Google Drive, enabling exfiltration of all stored files.
  • Tests also forced the AI browser to send a malicious link via a calendar invite while processing inbox tasks, and to download known malware.
  • SquareX groups the risks into malicious workflows, prompt injection, malicious downloads and trusted app misuse, pointing to architectural gaps in AI-enabled browsing.
  • Existing enterprise tools such as EDR and SASE/SSE lack sufficient visibility to distinguish automated agent actions from human activity inside the browser.
  • The report urges browser-native controls including agentic identity, integrated DLP, client-side file scanning and extension risk assessments, as other firms like LayerX corroborate similar Comet exposure risks.