CometJacking attack exploits Comet browser to steal emails
Summary
Hide ▲
Show ▼
A new attack called CometJacking exploits URL parameters to pass hidden instructions to Perplexity's Comet AI browser, allowing access to sensitive data from connected services like email and calendar. The attack does not require credentials or user interaction. Comet is an agentic AI browser that can autonomously browse the web and manage tasks such as emails, shopping, and booking tickets. Despite known security gaps, its adoption is increasing. The CometJacking attack was discovered by LayerX researchers, who reported it to Perplexity in late August. Perplexity responded that it did not identify an issue, marking the report as 'not applicable.'
Timeline
-
03.10.2025 17:01 1 articles · 3h ago
LayerX researchers discover CometJacking attack in Comet AI browser
LayerX researchers discovered the CometJacking attack in late August 2025 and reported it to Perplexity. The attack exploits URL parameters to pass hidden instructions to the Comet AI browser, allowing access to sensitive data from connected services. Perplexity's security team rejected the reports, stating that the attack does not lead to any security impact.
Show sources
- CommetJacking attack tricks Comet browser into stealing emails — www.bleepingcomputer.com — 03.10.2025 17:01
Information Snippets
-
CometJacking is a prompt-injection attack that exploits the 'collection' parameter in the URL query string.
First reported: 03.10.2025 17:011 source, 1 articleShow sources
- CommetJacking attack tricks Comet browser into stealing emails — www.bleepingcomputer.com — 03.10.2025 17:01
-
The attack instructs the Comet AI browser to consult its memory and connected services instead of searching the web.
First reported: 03.10.2025 17:011 source, 1 articleShow sources
- CommetJacking attack tricks Comet browser into stealing emails — www.bleepingcomputer.com — 03.10.2025 17:01
-
Connected services and accessible data include Google Calendar invites and Gmail messages.
First reported: 03.10.2025 17:011 source, 1 articleShow sources
- CommetJacking attack tricks Comet browser into stealing emails — www.bleepingcomputer.com — 03.10.2025 17:01
-
The malicious prompt encodes sensitive data in base64 and exfiltrates it to an external endpoint.
First reported: 03.10.2025 17:011 source, 1 articleShow sources
- CommetJacking attack tricks Comet browser into stealing emails — www.bleepingcomputer.com — 03.10.2025 17:01
-
The attack can be executed by exposing a maliciously crafted URL to targeted users.
First reported: 03.10.2025 17:011 source, 1 articleShow sources
- CommetJacking attack tricks Comet browser into stealing emails — www.bleepingcomputer.com — 03.10.2025 17:01
-
Perplexity's security team rejected the reports submitted by LayerX, stating that the attack does not lead to any security impact.
First reported: 03.10.2025 17:011 source, 1 articleShow sources
- CommetJacking attack tricks Comet browser into stealing emails — www.bleepingcomputer.com — 03.10.2025 17:01