AI & Security
March 17, 20261 min read174
AI Agents Tricked Into Launching Phishing Attacks in Under 4 Minutes
Researchers manipulated Perplexity's Comet AI browser to execute a complete phishing attack in under 4 minutes, exposing critical risks in autonomous agents.
By Titan Layer Editorial Team
Published on March 17, 2026
Source: —
Security researchers demonstrated a concerning attack: they manipulated Perplexity's Comet AI browser to launch a complete phishing attack in under 4 minutes, without any human intervention.
The exploit abuses a fundamental characteristic of browser-based AI agents: they need to process and interact with web content to function. Through prompt injection embedded in HTML, the agent was convinced to create a convincing phishing form to capture login credentials.
This demonstrates that even products from reputable companies can be turned into attack tools if the underlying model lacks adequate protections against prompt injection. Implementers should enforce strict sandboxing, action allowlists, and human approval for sensitive actions.
Article information
Editorial author:Titan Layer Editorial Team
Original source:—
Original publisher:—
Original author:—
Original publication date:—
Reference link:—
Titan Layer publication date:March 17, 2026
Content type:Curated summary and editorial analysis
#agentes de ia#phishing#perplexity#segurança#browser agent
Share this article
Related Articles
Critical Vulnerabilities
CVE-2026-46483: Command Injection in Vim via Missing shellescape Flag
Titan Layer
5/18/2026
Critical Vulnerabilities
CVE-2026-43490: Validate Inherited ACE SID Length in ksmbd
Titan Layer
5/18/2026
Cyber Crime
Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
Titan Layer
5/17/2026