Analysts say the finding lands at a delicate moment for AI browsers. John Grady, principal analyst at Omdia, said most organizations have already classified them conservatively. “Most organizations are treating them as unmanaged apps at this time,” he said. “It’s extremely early, so only a few, if any, organizations are adopting this as the default enterprise browser. And this discovery will do nothing to vary that.”
Embedded extensions have undocumented machine access
SquareX says it uncovered the MCP API while reviewing Comet’s embedded Analytics Extension, where the non-standard “chrome.perplexity” namespace suggested an addition to Chromium. Audrey Adeline from SquareX said the team identified the API immediately within the extension code. “We have been in a position to retrieve the MCP API within the Comet Analytics Extension source code.”
She added that the exploitability of the feature is surprisingly high. “The technical bar for this exploit is extraordinarily low: extension stomping, cross-site scripting, and fundamental network MitM attacks are more than sufficient.” In a demo shared together with the disclosure, a malicious extension spoofing Comet’s Analytics Extension injected a script into the perplexity.ai web page and ultimately used the Agentic Extension to invoke the MCP API, resulting in on-device execution of WannaCry.



