Zenity Labs Discloses PleaseFix Agentic Browser Vulnerabilities
On March 4, 2026, Zenity Labs disclosed "PleaseFix," a family of critical vulnerabilities targeting agentic browsers, including Perplexity Comet, that enable attackers to hijack AI agents, access local files, and steal credentials within authenticated sessions. The flaws can be triggered by malicious content embedded in routine workflows and include PerplexedBrowser, a Perplexity Comet subfamily with two exploit paths from indirect prompt injection. Vendors and users must apply mitigations.
Scoring Rationale
High-impact, broadly applicable agentic-browser exploits; authoritative disclosure but limited public technical detail and vendor mitigations.
Practice interview problems based on real data
1,500+ SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems
