SECURITYCYBERSCOOP
Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI
A flaw in the Chrome extension for Anthropic's Claude AI model allows any other plugin to hijack victims' AI, potentially leading to unauthorized actions such as extracting files from Google Drive and sending emails on behalf of a user. The vulnerability was discovered by LayerX, a browser security firm. Researchers reported the flaw to Anthropic, but claim that only a partial fix was issued.
Mentioned