h12oMay 10

ClaudeBleed。Anthropic社が提供する「Claude for Chrome」拡張機能において発見された脆弱性だそうだが、AIが

> この問題はLayerXのセキュリティ研究者によって発見されたとされています。

という。

LayerXっていつのまにそんな凄腕のセキュリティエンジニアを揃えていたのか?と思ったら、日本人が知っているLayerXとは違うLayerXという企業があるのね。

https://layerxsecurity.com/blog/a-flaw-in-claudes-browser-extension-allows-any-extension-to-hijack-it/

#Claude #ClaudeBleed #脆弱性

ClaudeBleed: A Flaw In Claude's Browser Extension Allows Any Extension to Hijack It - LayerX

Executive Summary LayerX security researchers have discovered a flaw with Claude’s Chrome extension (“Claude in Chrome”) that allows any extension, even one with no special permissions at all, to effectively hijack Claude’s extension by injecting it with malicious instructions, extract any information that the attacker desires, and get Claude to perform active agentic actions on […]

LayerX
Bernhard BiedermannMay 8

#ClaudeBleed, eine neue Variante um mit #Cloud zu versagen. 🔥

"LayerX security researchers have discovered a flaw with Claude’s Chrome extension (“Claude in Chrome”) that allows any extension, even one with no special permissions at all, to effectively hijack Claude’s extension by injecting it with malicious instructions, extract any information that the attacker desires, and get Claude to perform active agentic actions on their behalf."

Hey, das ist doch mal was. Vielleicht sollte Anthropic mal den eigenen Claude-Code mit Claude-Mythos auf Sicherheitslücken scannen. 🤣

Die #Cloud-Jünger werde das vielleicht nicht ganz so gerne lesen, aber die "Sicherheit ist eine Illusion", wie ein Kollege im Header schreibt. 🙂

Im Artikel finden sich weitere Aspekte die Auskunft geben was man alles anstellen kann. 😵‍💫

Diese Woche zeigt deutlich auf, die Prioritäten sind falsch gesetzt. Nur wer Qualität im Fokus hat schafft eine belastbare Entwicklung. Das scheint aber weder bei #Cloud noch bei #KI der Fall zu sein.

Fragen Sie gerne nach wie man eine solide Entwicklung gestalten muss. 🙂

https://layerxsecurity.com/blog/a-flaw-in-claudes-browser-extension-allows-any-extension-to-hijack-it/

#KI #Cloud #ClaudeBleed

ClaudeBleed: A Flaw In Claude's Browser Extension Allows Any Extension to Hijack It - LayerX

Executive Summary LayerX security researchers have discovered a flaw with Claude’s Chrome extension (“Claude in Chrome”) that allows any extension, even one with no special permissions at all, to effectively hijack Claude’s extension by injecting it with malicious instructions, extract any information that the attacker desires, and get Claude to perform active agentic actions on […]

LayerX
Andreas FrackowiakMay 8

Vielleicht sollte Anthropic einfach mal den eigenen Claude-Code mit Claude Mythos auf Sicherheitslücken scannen...

https://layerxsecurity.com/blog/a-flaw-in-claudes-browser-extension-allows-any-extension-to-hijack-it/

#Anthropic #Claude #ClaudeMythos #CyberSecurity #AI #KI #CodeSafety #AIExploit #Coding #Security #ClaudeBleed

ClaudeBleed: A Flaw In Claude's Browser Extension Allows Any Extension to Hijack It - LayerX

Executive Summary LayerX security researchers have discovered a flaw with Claude’s Chrome extension (“Claude in Chrome”) that allows any extension, even one with no special permissions at all, to effectively hijack Claude’s extension by injecting it with malicious instructions, extract any information that the attacker desires, and get Claude to perform active agentic actions on […]

LayerX
Hackread.comMay 8

📢⚠️ Researchers have uncovered #ClaudeBleed, a vulnerability in Anthropic’s Claude for Chrome extension that could let hackers hijack the AI assistant, steal Google Drive files, access Gmail data, and bypass built-in security safeguards.

Read more: https://hackread.com/claudebleed-vulnerability-hackers-claude-chrome-extension/

#CyberSecurity #AI #ClaudeAI #Chrome #Anthropic #Privacy

ClaudeBleed Vulnerability Lets Hackers Hijack Claude Chrome Extension to Steal Data

The ClaudeBleed vulnerability allows hackers to bypass Claude for Chrome guardrails to exfiltrate private Google Drive and Gmail data.

Hackread - Cybersecurity News, Data Breaches, AI and More