By Business Wire
Publication Date: 2026-03-03 14:02:00
Vulnerabilities allow zero-click agent hijacking, local file exfiltration and credential theft within agent-authorized workflows, including 1Password
NEW YORK, March 03, 2026–(BUSINESS WIRE)–Zenity Labs today disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to silently hijack AI agents, access local files and steal credentials within authenticated user sessions. The vulnerabilities can be triggered through malicious content embedded in routine workflows, enabling unauthorized actions without user awareness.
The disclosure includes PerplexedBrowser, a subfamily of vulnerabilities in the Perplexity Comet browser that consists of two distinct exploit paths. Both stem from indirect prompt injection techniques but produce materially different outcomes. The first enables zero-click agent compromise that grants access to the local file system and allows data exfiltration while the agent continues returning expected results to the user. The second abuses agent-authorized workflows to manipulate password manager interactions, resulting in credential theft or full account takeover without directly exploiting the password manager itself, such as 1Password.
Agentic browsers represent a new computing model. Unlike traditional browsers that primarily display content, agentic systems interpret instructions, retain authenticated context and autonomously execute actions across…
