
Perplexity's Comet AI Browser May Have Some Concerning Security Flaws That Could Let Hackers Hijack Your Device
Why It Matters
The flaw undermines a fundamental browser security model (web content is not supposed to be able to run operating-system commands), exposing millions of users to remote code execution and ransomware risk, and could trigger widespread trust and liability issues for Perplexity and the broader AI-browser market.
Summary
Cybersecurity firm SquareX has uncovered a critical vulnerability in Perplexity's AI-driven Comet browser. The browser includes a hidden "MCP API" (chrome.perplexity.mcp.addStdioServer) that lets embedded extensions run arbitrary OS commands, a capability traditional browsers block. The flaw resides in the Agentic extension and can be triggered from the perplexity.ai site, so a single XSS bug, phishing breach or insider compromise could give attackers full control of any Comet user's device, as demonstrated by a proof of concept that executed the WannaCry ransomware. SquareX has notified Perplexity and is awaiting a response.