Perplexity responds to Comet browser vulnerability claims, argues "fake news"

Researchers said Comet can be abused to execute local commands, but Perplexity claims the research is "entirely fake".

Obscure MCP API in Comet Browser Breaches User Trust, Enabling Full Device Control via AI Browsers

Palo Alto, California, November 19th, 2025, CyberNewsWireSquareX released critical research exposing a hidden API in Comet ...

Perplexity's Comet AI browser may have some concerning security flaws which could let hacker hijack your device

Cybersecurity experts at SquareX claims to have found a major vulnerability in Comet, the AI browser built by Perplexity, ...
CSO Online

Hidden API in Comet AI browser raises security red flags for enterprises

The undocumented system-level API within the Comet AI browser enables embedded extensions to execute commands and launch applications.
SecurityWeek

SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability

Browser security firm SquareX claims to have found a potentially critical vulnerability in Perplexity’s Comet AI browser.

SquareX warns hidden API in Perplexity’s Comet browser enables full device takeover

New research out today from browser security company SquareX Ltd. is warning of a hidden application programming interface in Perplexity AI Inc.’s Comet browser that allows extensions in the ...

Salt Security Launches GitHub Connect to Proactively Discover Shadow APIs and MCP Risks in Code Repositories

Salt Security, the leader in API security, launched GitHub Connect, the latest expansion of its industry-first Salt Cloud Connect capability. This launch is the latest step in Salt's rapid pace of ...

Why The Model Context Protocol Is Key To AI-Enterprise Integration

While the current AI boom was sparked by the launch of OpenAI’s ChatGPT in late 2022, it wasn’t until late 2024 that its true ...