Perplexity Comet vs Google Chrome – Should You Switch to an AI Browser? (www.forbes.com)

Security researchers have flagged serious vulnerabilities in AI-first browsers after tests on Perplexity’s Comet showed attacks that let an agent obtain full OAuth access to a user’s Google account, exfiltrate every file in Drive (including shared documents), and propagate malware via calendar invites. SquareX documented an OAuth flow compromise and task automation abuse — scenarios where an autonomous agent, acting with the user’s privileges, completed inbox tasks and sent malicious links. LayerX echoed this with a simpler weaponized-URL vector: a crafted link opened in Comet can expose and extract sensitive data without any overtly malicious page content. Researchers warn these issues arise from agents operating with broad privileges and a lack of guardrails. For the AI/ML community this is a pivotal moment: browsers are becoming the primary UI for AI agents, so their security model matters more than ever. Key technical implications include insecure OAuth/token handling, excessive agent privilege/scoping, clickless attack surfaces (crafted links, extensions), and insufficient human-in-the-loop controls. Mitigations include strict token scopes and revocation, robust consent/UI signaling, behavioral throttles for autonomous actions, and enterprise policy enforcement. Perplexity counters that these are classic phishing/OAuth problems — not novel AI bugs — and argues enterprise controls would block both human and agent misuse. Either way, broader adoption of AI browsers demands immediate hardening and new runtime policies to prevent automated exfiltration and lateral access in enterprise contexts.