AI Sidebar Spoofing against Atlas and Comet
Technical Analysis
Summary
Researchers demonstrated AI Sidebar Spoofing against OpenAI Atlas and Perplexity Comet, showing that a fake sidebar overlay can steer users toward phishing, OAuth abuse, and even a reverse shell command. The attack matters because it exploits the browser’s trusted AI interface rather than a server-side flaw. It turns a browser extension plus injected JavaScript into a high-risk social-engineering channel.
Related Happenings
Versa Networks launches Secure Enterprise Browser to extend SASE policies into the browser workspace
Security Tool/Service
First: 22.05.2026 18:43
Last: 22.05.2026 18:43
Sources 1
About this happening:
Versa Networks **released** a **Secure Enterprise Browser** that extends **SASE policies** directly into the **browser workspace**, giving the company a browser-level control poin...
Chromium JavaScript background RCE flaw
Vulnerability
First: 21.05.2026 21:13
Last: 21.05.2026 21:13
Sources 1
About this happening:
The unfixed **Chromium** flaw keeps **JavaScript** running after the browser is closed, creating **remote code execution** risk across **Chromium-based browsers**. A malicious sit...
108 Malicious Google Chrome extensions sharing a C2 backend
Malware Activity
First: 14.04.2026 11:35
Last: 14.04.2026 11:35
Sources 1
About this happening:
**108 malicious Google Chrome extensions** were found to use the same **C2 infrastructure** to steal credentials, sessions, and browsing data while injecting ads and arbitrary Jav...
ShieldGuard browser-extension data-harvesting malware
Malware Activity
First: 18.03.2026 16:15
Last: 18.03.2026 16:15
Sources 1
About this happening:
A malicious **ShieldGuard** browser extension was dismantled after it was found harvesting sensitive data from **crypto users**, putting wallet and account information at risk. Th...
Perplexity Comet prompt-injection research shows agentic browsers can be trained into phishing traps
Technical Analysis
First: 11.03.2026 18:38
Last: 11.03.2026 18:38
Sources 1
About this happening:
**Perplexity's Comet AI browser** is the focus of a **technical analysis** thread showing how **prompt injection** and **malicious URLs** can steer an agentic browser into **data...
Timeline
- 23.10.2025 17:09 2 articles · 7mo ago
AI Sidebar Spoofing against Atlas and Comet
Initial Disclosure
SquareX first demonstrated that a malicious extension can draw a fake AI sidebar over the real one in **Comet**. The same overlay behavior was then confirmed on **Atlas**, where it can steer users into unsafe actions across sites.
- Spoofed AI sidebars can trick Atlas, Comet users into dangerous actions — www.bleepingcomputer.com — 23.10.2025 17:09