Prompt Injection in AI Browsers

This is why AIs are not ready to be personal assistants:

A new attack called ‘CometJacking’ exploits URL parameters to pass to Perplexity’s Comet AI browser hidden instructions that allow access to sensitive data from connected services, like email and calendar.

In a realistic scenario, no credentials or user interaction are required and a threat actor can leverage the attack by simply exposing a maliciously crafted URL to targeted users.

[…]

CometJacking is a prompt-injection attack where the query string processed by the Comet AI browser contains malicious instructions added using the ‘collection’ parameter of the URL…

November 11, 2025
Read More >>

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

With a 4M cybersecurity worker shortage, agentic AI helps SOCs move beyond triage, enabling proactive security once thought impossible. With a deficit of 4 million cybersecurity workers worldwide, it’s no surprise that most SOCs are still stuck in triage mode. That’s why agentic AI is stepping in to fill the gap. And this boost to […]

November 10, 2025
Read More >>