Perplexity's AI browser Comet had a vulnerability allowing unauthorized access to users' sensitive data via indirect prompt injection. Brave's research revealed that the browser mishandled webpage summarization, enabling attackers to manipulate the AI for unauthorized actions.