The browser war has become intelligent. AI browsers are knocking on your door, and the issue is not whether you will be using one, but when. Google Chrome controls the desktop and mobile space at the moment. Among AI browsers, Perplexity Comet is making the most noise. That sets up a head-to-head contest between the old king and the new challenger.
But here is the catch. AI brings more power, and with it more security risk. Your browser is not a window to the internet. It is a two-way door: you look out through it, and attackers may look in. That makes the choice between Chrome and Comet more serious than ever before.
The Security Reality Check

Significant Weaknesses Identified
Security is a critical concern for AI browsers. A report by SquareX came out today with startling information. The report shows that AI browsers are highly insecure. Attackers may use these vulnerabilities to steal your information, distribute malware, and break into your business applications.
Perplexity Comet is at the center of this security report. During testing, SquareX discovered that Comet had fallen victim to an OAuth attack. This intrusion allowed hackers to get full access to the victim's mailbox and Google Drive. The attackers might steal all files on the account, including those shared by colleagues and customers.
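One defensive check that follows from this finding, as an added example that is not from SquareX or Perplexity: review which third-party OAuth clients hold scopes covering a whole mailbox or Drive. The grant records, client IDs and allowlist below are constructed for illustration; the scope strings are Google's published ones.

```python
"""Added example: flag OAuth grants that hand an app whole-mailbox or whole-Drive access."""

# Google OAuth scopes that cover an entire mailbox or an entire Drive.
BROAD_SCOPES = {
    "https://mail.google.com/": "mailbox",
    "https://www.googleapis.com/auth/gmail.modify": "mailbox",
    "https://www.googleapis.com/auth/drive": "drive",
}

# Constructed sample grants (hypothetical users, apps and client IDs).
# "scope" is the space-delimited string used in OAuth 2.0 (RFC 6749, section 3.3).
SAMPLE_GRANTS = [
    {"user": "alice@example.com", "client_id": "client-approved-1", "app": "Approved Mail Plugin",
     "scope": "openid email https://www.googleapis.com/auth/gmail.readonly"},
    {"user": "bob@example.com", "client_id": "client-unknown-7", "app": "Doc Viewer",
     "scope": "https://mail.google.com/ https://www.googleapis.com/auth/drive openid"},
    {"user": "carol@example.com", "client_id": "client-unknown-9", "app": "Notes Sync",
     "scope": "https://www.googleapis.com/auth/drive.file"},
    {"user": "dave@example.com", "client_id": "client-approved-1", "app": "Approved Mail Plugin",
     "scope": "https://www.googleapis.com/auth/gmail.modify"},
]


def broad_resources(scope_string):
    """Return the resources ('mailbox', 'drive') that a scope string exposes in full."""
    return {BROAD_SCOPES[s] for s in scope_string.split() if s in BROAD_SCOPES}


def audit_grants(grants, approved_clients):
    """List grants to unapproved clients that expose a whole mailbox or Drive, worst first."""
    findings = []
    for g in grants:
        exposed = broad_resources(g["scope"])
        if exposed and g["client_id"] not in approved_clients:
            findings.append({"user": g["user"], "app": g["app"],
                             "exposed": sorted(exposed)})
    # Grants exposing both mailbox and Drive sort ahead of single-resource grants.
    return sorted(findings, key=lambda f: -len(f["exposed"]))


if __name__ == "__main__":
    for f in audit_grants(SAMPLE_GRANTS, approved_clients={"client-approved-1"}):
        print(f"{f['user']}: '{f['app']}' can access {', '.join(f['exposed'])}")
```

The narrow `drive.file` and `gmail.readonly` grants are not flagged; only exact matches on the broad scopes count, so a per-file Drive grant is not mistaken for whole-Drive access.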
The Calendar Invite Attack
The issues do not end there. In a different test attack, the AI browser was completing tasks in a user's inbox. In fact, this is one of the features Comet advertises. However, in the process, the browser automatically forwarded a malicious link to the victim's colleague in the form of a calendar invitation.
LayerX Warning
Another security firm, LayerX, also sounded an alarm on Comet. As stated by LayerX, an attacker can steal sensitive data by using a weaponized URL in the Comet browser. What is even more frightening is the fact that the malicious page does not require any harmful content.
According to LayerX, all an attacker has to do is fool a user into clicking on an engineered link. Such a link may come in the form of an email, a browser add-on, or a malicious site. Once it is clicked, sensitive information in Comet can be stolen.
What Security Experts Are Saying

The Autonomous Agent Problem
The CEO of SquareX, Vivek Ramachandran, made a significant statement concerning AI browsers. Although they claim to be more secure, these browsers employ autonomous agents that have full user privileges. The agents can work without being supervised by any human being. The thing is that even a minimally trained user has security awareness and common sense, which these agents lack.
Browser Usage Is Changing
According to David Matalon, CEO of Venn, the utilization of these new non-traditional browsers is increasing rapidly among remote employees and contractors. This includes browsers other than Chrome, Edge, and Safari. The usage is up 14% year over year, primarily because it promises AI-driven productivity tools.
The Primary Application Warning
Pejman Roshan of Menlo Security reminds us that browsers are the primary application that we use for nearly everything on the Internet. Should you abandon Chrome for a new AI browser? That depends on what matters most to you, according to Roshan.
The Timing Question
The browser world is rapidly changing. In the future, you may switch to an AI browser. However, you have to determine whether you are ready. If you do switch, do not ignore the security warnings related to AI browsers and agents.
Or Eshed, the CEO of LayerX, believes that AI browsers will become the primary way we utilize AI technology. This is an emerging technology, and traditional browsers are already giving in to the challenge. Ultimately, it may not be a choice. A combination of both types of browsers could come to fruition.
Perplexity’s Response
Kyle Polley of Perplexity also addressed the latest security report. He claimed that the described vulnerability has nothing to do with AI. The report reveals that a human being was phished first, as stated by Polley. Then, this individual requested an AI agent to perform what they had already been duped into doing.
As an example, if a person was fooled into going to a site and logging in, the weakness is that the agent has logged in as well. The AI agent is nothing more than a follower. Polley remarks that if the company's security personnel had the correct measures in place, they would have blocked both the agent and the human. He believes that this weakness has been around for the last 20 years.
Chrome Vs Perplexity Comet — Comparison Table
Category | Google Chrome | Perplexity Comet (AI Browser) |
---|---|---|
Core Purpose | A general-purpose web browser with a wide extension ecosystem and compatibility. | AI-first browser that integrates generative agents, search, and productivity features. |
Base Technology | Chromium-based engine; mature renderer, sandboxing, and a long history of security hardening. | Built on modern browser tech + AI layers/agents that automate tasks and generate content. |
AI Capabilities | Limited native on-device AI; relies on extensions, integrations (e.g., Bard/Assistant via web). | Deeply integrated AI agents that can read, act on, and automate inboxes, docs, calendar, etc. |
Primary Features | Tabs, extensions, sync, dev tools, password manager, wide enterprise controls. | Natural-language agents, task automation, inbox/calendar actions, answer synthesis, enhanced search. |
Security Model | Mature sandboxing, frequent patches, enterprise management (policies, MDM), proven ecosystem. | Newer model; agents often request elevated permissions (full-page access, APIs) — increases attack surface. |
Known / Reported Vulnerabilities | Regular vulnerabilities historically; patched quickly. Generally well-understood threat model. | Recent third-party reports (SquareX, LayerX) flagged OAuth token exposure, calendar-invite & weaponized-URL attacks tied to agent behavior. |
Data Access & Permissions | Granular site permissions (camera, mic, storage); user-consent model; clear extension review process. | Agents may require broad scopes (mailbox/drive access) to automate tasks — riskier if phishing or token theft occurs. |
Privacy Controls | Incognito mode, sync controls, enterprise privacy policies, robust extension controls. | Privacy depends on how agents store/handle credentials and whether vendor or third parties process data; controls still evolving. |
Authentication Handling | OAuth and platform auth flows with browser security mitigations; strong ecosystem for SSO and MFA. | Agent-driven logins can act on behalf of user — if initial user is phished, the agent can repeat actions (reported risk). |
Resistance to Social Engineering | Depends on user training + browser UI; long history of hardened UX patterns to reduce accidental consent. | More vulnerable to engineered links / weaponized URLs that trigger agent actions (per LayerX/SquareX findings). |
Integration With Productivity Tools | Integrates via web apps/extensions; admins can restrict extensions. | Built-in automation for email, calendar, docs — high productivity upside but higher privilege needs. |
Performance & Resource Use | Optimized for stability; extensions can add overhead. | AI agents and continuous processing may consume more CPU/memory and background bandwidth. |
Target Users | General users, enterprises, developers, security-conscious organizations. | Early adopters, remote workers seeking AI productivity boosts, power users willing to accept trade-offs. |
Strengths | Stability, broad compatibility, mature security processes, enterprise controls. | Powerful automation, AI-assisted workflows, natural-language convenience, potential productivity gains. |
Weaknesses | Limited built-in generative AI automation; slower to add AI-first features. | New attack surface from autonomous agents; immature hardening and permission UX; documented exploitable flows. |
Short-Term Risk Profile | Lower (well-understood and managed). | Higher (emerging, with recent public security reports). |
When To Use | When security, compatibility, and enterprise control matter most. | |