Skip to content AI in practice Aug 25, 2025 Aug 25, 2025 Max is the managing editor of THE DECODER, bringing his background in philosophy to explore questions of consciousness and whether machines truly think or just pretend to. Brave discovered a security flaw in Perplexity’s AI browser Comet that allows for so-called indirect prompt injection attacks. In these attacks, malicious commands are hidden in web pages or comments and are then interpreted by the AI assistant as legitimate user instructions when summarizing a page. During testing, Brave showed that Comet could be tricked into reading out sensitive user data, like email addresses and one-time passwords, and sending them to attackers. Perplexity responded by issuing updates, but according to Brave, the issue still isn’t fully resolved. Brave also offers its own AI assistant, Leo, in its browser and faces similar security challenges. Support our independent, free-access reporting. Any contribution helps and secures our future. Support now: Max is the managing editor of THE DECODER, bringing his background in philosophy to explore questions of consciousness and whether machines truly think or just pretend to.
Read More










