By Eric Hastings
Publication Date: 2025-11-20 19:05:00
The Hidden Backdoor in AI’s Gateway to the Web: Perplexity’s Comet Under Fire
In the rapidly evolving landscape of artificial intelligence, Perplexity’s Comet browser promised a revolutionary way to navigate the internet, blending AI assistance with seamless browsing. Launched amid fanfare, Comet positions itself as an “agentic” browser, capable of performing tasks like summarizing web pages or executing commands based on user queries. However, recent revelations have cast a dark shadow over this innovation, exposing critical security flaws that could allow hackers to hijack entire devices.
Security researchers at SquareX, a cybersecurity firm, uncovered a hidden API within Comet known as the Multi-Command Processor (MCP). This undocumented interface, embedded in the browser’s extensions, grants unprecedented access to system-level commands. According to SquareX’s analysis, malicious actors could exploit this API to execute arbitrary code, potentially leading to data theft, ransomware deployment, or full device compromise. The vulnerability stems from Comet’s design, which integrates AI agents that interact directly with web content, blurring the lines between trusted and untrusted inputs.
The issue came to light when SquareX researchers dissected Comet’s architecture, discovering that the MCP API allows extensions to run commands without adequate user consent or oversight. For instance, a seemingly innocuous link could trigger the API to…
