If you wanted to steal local files from someone using Perplexity’s Comet browser, until last month you could just schedule the theft by sending your victim a calendar event. You might also have been able to access the victim’s 1Password vault if it wasn’t protected by two factor authentication.

Source: The Register