AI Sidebar Spoofing against Atlas and Comet
Technical Analysis
Summary
Hide ▲
Show ▼
Researchers demonstrated AI Sidebar Spoofing against OpenAI Atlas and Perplexity Comet, showing that a fake sidebar overlay can steer users toward phishing, OAuth abuse, and even a reverse shell command. The attack matters because it exploits the browser’s trusted AI interface rather than a server-side flaw. It turns a browser extension plus injected JavaScript into a high-risk social-engineering channel.
Related Happenings
FROST browser SSD timing side channel via OPFS
Technical Analysis
H score16
First: 09.06.2026 12:50
Last: 09.06.2026 12:50
Sources 1
About this happening:
**FROST** turns **browser storage timing** into a **remote SSD side channel** that can identify which **sites** a user visits and which **apps** they open. The technique runs insi...
FROST browser SSD timing side channel via OPFS
Technical AnalysisAbout this happening: **FROST** turns **browser storage timing** into a **remote SSD side channel** that can identify which **sites** a user visits and which **apps** they open. The technique runs insi...
Enterprise browser users face a rising shadow AI, credential abuse, and browser-native attack trend
Trend
H score22
First: 05.06.2026 17:00
Last: 05.06.2026 17:00
Sources 1
About this happening:
**Enterprise users** are showing a sharp rise in **shadow AI**, **credential abuse**, and **browser-native attack exposure**, increasing risk at the browser layer. The trend matte...
Enterprise browser users face a rising shadow AI, credential abuse, and browser-native attack trend
TrendAbout this happening: **Enterprise users** are showing a sharp rise in **shadow AI**, **credential abuse**, and **browser-native attack exposure**, increasing risk at the browser layer. The trend matte...
Browser-layer visibility guidance for browser-native threats
Defensive Guidance
H score22
First: 05.06.2026 17:00
Last: 05.06.2026 17:00
Sources 1
About this happening:
**Security teams** are being pushed to treat **browser sessions** as the primary detection surface for **phishing**, **credential theft**, and **ClickFix**. **Browser-native attac...
Browser-layer visibility guidance for browser-native threats
Defensive GuidanceAbout this happening: **Security teams** are being pushed to treat **browser sessions** as the primary detection surface for **phishing**, **credential theft**, and **ClickFix**. **Browser-native attac...
Brave Software launches paid Brave Origin browser
Commercial Activity
H score0
First: 05.06.2026 00:37
Last: 05.06.2026 00:37
Sources 1
About this happening:
Brave Software launched **Brave Origin**, a paid browser variant that removes **cryptocurrency**, **AI**, rewards, and other monetization features while keeping **Brave Shields**....
Brave Software launches paid Brave Origin browser
Commercial ActivityAbout this happening: Brave Software launched **Brave Origin**, a paid browser variant that removes **cryptocurrency**, **AI**, rewards, and other monetization features while keeping **Brave Shields**....
BrowserOS WebPromptTrap patch release (0.32.0)
Security Patch Release
H score11
First: 29.05.2026 21:07
Last: 29.05.2026 21:07
Sources 1
About this happening:
**BrowserOS** patched **WebPromptTrap** in **version 0.32.0**, closing an indirect prompt-injection flaw that could trick users into approving an **authorization step** inside the...
BrowserOS WebPromptTrap patch release (0.32.0)
Security Patch ReleaseAbout this happening: **BrowserOS** patched **WebPromptTrap** in **version 0.32.0**, closing an indirect prompt-injection flaw that could trick users into approving an **authorization step** inside the...
Timeline
-
23.10.2025 17:09 2 articles · 8mo ago
AI Sidebar Spoofing against Atlas and Comet
Initial DisclosureSquareX first demonstrated that a malicious extension can draw a fake AI sidebar over the real one in **Comet**. The same overlay behavior was then confirmed on **Atlas**, where it can steer users into unsafe actions across sites.
Show sources
- Spoofed AI sidebars can trick Atlas, Comet users into dangerous actions — www.bleepingcomputer.com — 23.10.2025 17:09
- Spoofed AI sidebars can trick Atlas, Comet users into dangerous actions — www.bleepingcomputer.com — 23.10.2025 17:09