Hackers can hijack AI browsers like Comet and Fellou
Brave's latest study has uncovered some worrying security flaws in AI browsers like Perplexity's Comet and Fellou.
Hackers can sneak hidden commands into web pages or screenshots, tricking the AI into doing things like opening emails or visiting shady sites—sometimes with your login info.
How the hack works
Comet's screenshot tool can be fooled by almost invisible text in images, making the AI follow secret instructions when users analyze screenshots.
With Fellou, just landing on a bad website is enough for harmful commands to run, because these AIs can't always tell what's safe and what isn't.
The need for stronger privacy protections
Since these AIs work while you're logged in, attackers could get access to your bank, cloud storage, or work accounts without you realizing.
Even newer browsers like ChatGPT Atlas have similar risks.
It's a reminder that as cool as AI browsing is, stronger privacy protections are needed—especially if you're always online.