Prompt Injection in Production: The 2025 Perplexity Comet Attack

Towards AI

On July 25, 2025, researchers at the Brave Security Team discovered that a Reddit comment could hijack a Perplexity Comet browser session. The attacker didn’t need to trick the user into clicking anything. They didn’t need to exploit a memory vulnerability or bypass an authentication layer. All they needed was text that a human would never read, hidden inside a Reddit thread and invisible in the rendered UI. The AI would read it, interpret it as an instruction, and execute it.