Brave Reveals Systemic Security Issues In AI Browsers

October 21, 2025

Brave disclosed security vulnerabilities in AI browsers that could allow malicious websites to hijack AI assistants and access sensitive user accounts.

The issues affect Perplexity Comet, Fellou, and potentially other AI browsers that can take actions on behalf of users.

The vulnerabilities stem from indirect prompt injection attacks where websites embed hidden instructions that AI browsers process as legitimate user commands. Brave published the findings after reporting the issues to affected companies.

What Brave Found

Perplexity Comet Vulnerability

Comet’s screenshot feature can be exploited by embedding nearly invisible text in webpages.

When users take screenshots to ask questions, the AI extracts hidden text using what appears to be OCR and processes it as commands rather than untrusted content.

Brave notes Comet isn’t open-source, so this behavior is inferred and can’t be verified from source code.

The hidden instructions use faint colors that humans can barely see but AI systems extract and execute. This lets attackers issue commands to the AI assistant without the user’s knowledge.
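One defensive check for the faint-text technique described above, as an added example that is not Brave's or any vendor's code: score each text run by WCAG contrast ratio and set aside near-invisible runs before page text reaches the assistant. The run objects, the 1.5 cutoff and the function names are assumptions, and the sample data is constructed.

```javascript
// Added example. In a browser the color/background values would come from
// computed styles (assumption); here they are constructed sample data.
const MIN_CONTRAST = 1.5; // assumed cutoff; WCAG asks for 4.5:1 for body text

// Parse "#rrggbb" into [r, g, b].
function parseHex(hex) {
  const m = /^#([0-9a-f]{6})$/i.exec(hex);
  if (!m) throw new Error(`unsupported color: ${hex}`);
  const n = parseInt(m[1], 16);
  return [(n >> 16) & 255, (n >> 8) & 255, n & 255];
}

// WCAG 2.x relative luminance of an sRGB color.
function luminance(hex) {
  const [r, g, b] = parseHex(hex).map((c) => {
    const s = c / 255;
    return s <= 0.03928 ? s / 12.92 : Math.pow((s + 0.055) / 1.055, 2.4);
  });
  return 0.2126 * r + 0.7152 * g + 0.0722 * b;
}

// Ratio of lighter to darker luminance, from 1 (identical) to 21 (black on white).
function contrastRatio(fg, bg) {
  const [hi, lo] = [luminance(fg), luminance(bg)].sort((a, b) => b - a);
  return (hi + 0.05) / (lo + 0.05);
}

// Split runs into those a person can read and those that are near-invisible.
function partitionRuns(runs, minContrast = MIN_CONTRAST) {
  const visible = [], suspicious = [];
  for (const run of runs) {
    const ratio = contrastRatio(run.color, run.background);
    (ratio < minContrast ? suspicious : visible).push({ ...run, ratio });
  }
  return { visible, suspicious };
}

const sampleRuns = [ // constructed
  { text: "Quarterly results beat expectations.", color: "#222222", background: "#ffffff" },
  { text: "[placeholder for hidden instruction text]", color: "#fdfdfd", background: "#ffffff" },
  { text: "Contact us for details.", color: "#767676", background: "#ffffff" },
];
console.log(partitionRuns(sampleRuns).suspicious.map((r) => r.text));
```

A contrast check only covers text hidden by color; it does not change how the assistant treats whatever text it does receive.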

Fellou Navigation Vulnerability

Fellou browser sends webpage content to its AI system when users navigate to a site.

Asking the AI assistant to visit a webpage causes the browser to pass the page’s visible content to the AI in a way that lets the webpage text override user intent.

This means visiting a malicious site could trigger unintended AI actions without requiring explicit user interaction with the AI assistant.

Access To Sensitive Accounts

The vulnerabilities become dangerous because AI assistants operate with user authentication privileges.

A hijacked AI browser can access banking sites, email providers, work systems, and cloud storage where users remain logged in.

Brave notes that even summarizing a Reddit post could result in attackers stealing money or private data if the post contains hidden malicious instructions.

Industry Context

Brave describes indirect prompt injection as a systemic challenge facing AI browsers rather than an isolated issue.

The problem revolves around AI systems failing to distinguish between trusted user input and untrusted webpage content when constructing prompts.

Brave is withholding details of one additional vulnerability found in another browser until next week.

Why This Matters

Brave argues that traditional web security models break when AI agents act on behalf of users.

Natural language instructions on any webpage can trigger cross-domain actions reaching banks, healthcare providers, corporate systems, and email hosts.

Same-origin policy protections become irrelevant because AI assistants execute with full user privileges across all authenticated sites.
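An added sketch, not taken from Brave's disclosure or from any browser's code, of re-imposing an origin boundary on agent actions: anything the model proposes after reading page content is treated as attacker-influenced and compared against the origin the user actually asked about. The action types, field names and `gateAction` function are hypothetical, and the sample task and actions are constructed.

```javascript
// Added example; all names are hypothetical and the sample data is constructed.
const READ_ONLY = new Set(["read", "scroll", "extract_text"]);

// Return the origin of an http(s) URL, or null for anything else.
function originOf(url) {
  try {
    const u = new URL(url);
    return u.protocol === "https:" || u.protocol === "http:" ? u.origin : null;
  } catch {
    return null; // not a parseable absolute URL
  }
}

// task.url is the page the user typed or clicked. The action is proposed by the
// model after it has read page content, so it is treated as attacker-influenced.
function gateAction(task, action) {
  const taskOrigin = originOf(task.url);
  const target = originOf(action.url);
  if (!taskOrigin || !target) {
    return { verdict: "block", reason: "unparseable or non-web URL" };
  }
  if (target !== taskOrigin) {
    return { verdict: "confirm", reason: `crosses from ${taskOrigin} to ${target}` };
  }
  if (!READ_ONLY.has(action.type)) {
    return { verdict: "confirm", reason: `state-changing action "${action.type}"` };
  }
  return { verdict: "allow", reason: "read-only, same origin as the user's request" };
}

const task = { request: "Summarize this thread", url: "https://forum.example/t/123" };
const proposed = [ // constructed
  { type: "read", url: "https://forum.example/t/123?page=2" },
  { type: "navigate", url: "https://bank.example/transfer" },
  { type: "submit_form", url: "https://forum.example/settings" },
  { type: "read", url: "javascript:void(0)" },
];

// Verdict for each proposed action, in order.
function verdicts() {
  return proposed.map((a) => gateAction(task, a).verdict);
}
console.log(verdicts());
```

A "confirm" verdict hands the decision back to the user, which is where the trusted instruction came from in the first place.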

The disclosure arrives the same day OpenAI launched ChatGPT Atlas with agent mode capabilities, highlighting the tension between AI browser functionality and security.

People using AI browsers with agent features face a tradeoff between automation capabilities and exposure to these systemic vulnerabilities.

Looking Ahead

Brave’s research continues with additional findings scheduled for disclosure next week.

The company indicated it’s exploring longer-term solutions to address the trust boundary problems in agentic browsing.


Featured Image: Who is Danny/Shutterstock
