Skip to content
The Nexus
SECURITYMay 8 · 13:06 UTCCYBERSCOOPdjohnson

Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI

A flaw in the Chrome extension for Anthropic's Claude AI model allows any other plugin to hijack victims' AI, potentially leading to unauthorized actions such as extracting files from Google Drive and sending emails on behalf of a user. The vulnerability was discovered by LayerX, a browser security firm. Researchers reported the flaw to Anthropic, but claim that only a partial fix was issued.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this