Perplexity responds to Comet browser vulnerability claims, argues "fake news"

SquareX accused Perplexity’s Comet browser of exposing a hidden MCP API that could enable local command executionPerplexity ...

Obscure MCP API in Comet Browser Breaches User Trust, Enabling Full Device Control via AI Browsers

Palo Alto, California, November 19th, 2025, CyberNewsWireSquareX released critical research exposing a hidden API in Comet ...

Perplexity's Comet AI browser may have some concerning security flaws which could let hacker hijack your device

Cybersecurity experts at SquareX claims to have found a major vulnerability in Comet, the AI browser built by Perplexity, ...
SecurityWeek

SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability

Browser security firm SquareX claims to have found a potentially critical vulnerability in Perplexity’s Comet AI browser.
CSO Online

Hidden API in Comet AI browser raises security red flags for enterprises

The undocumented system-level API within the Comet AI browser enables embedded extensions to execute commands and launch applications.

SquareX warns hidden API in Perplexity’s Comet browser enables full device takeover

New research out today from browser security company SquareX Ltd. is warning of a hidden application programming interface in Perplexity AI Inc.’s Comet browser that allows extensions in the ...

Salt Security Launches GitHub Connect to Proactively Discover Shadow APIs and MCP Risks in Code Repositories

Salt Security, the leader in API security, launched GitHub Connect, the latest expansion of its industry-first Salt Cloud Connect capability. This launch is the latest step in Salt's rapid pace of ...