cometjacking
About this tag
Cometjacking is a prompt injection attack targeting AI-powered browsers and agentic assistants. These next-generation browsers, such as Perplexity's Comet and Microsoft's Copilot, can read and act on web content on behalf of users. Cometjacking exploits this by hiding malicious instructions within otherwise normal web pages, tricking the AI assistant into performing actions that compromise account security, leak private data, or execute unauthorized commands. This attack vector represents a growing threat to the trust model of AI browsers, as it weaponizes the very features designed to help users. Discussions on WindowsForum cover the mechanics of cometjacking, its implications for enterprise IT and personal security, and potential mitigations like stricter content validation and user permission controls.
AI browsers — the new generation of agentic assistants that read, reason, and act on web pages for you — are now being weaponized by a fresh class of attacks that hide instructions inside otherwise normal web content, threatening account security, private data, and the very notion of what a...