Mastodawn

Attackers are abusing Google Ads and legitimate Claude.ai shared chats in an active malvertising campaign. Users searching for "Claude mac download" may come across sponsored search results that list claude.ai as the target website, but lead to instructions that install malware on their Mac.

https://www.bleepingcomputer.com/news/security/hackers-abuse-google-ads-claudeai-chats-to-push-mac-malware/

Hackers abuse Google ads, Claude.ai chats to push Mac malware

Attackers are abusing Google Ads and legitimate Claude.ai shared chats in an active malvertising campaign. Users searching for "Claude mac download" may come across sponsored search results that list claude.ai as the target website, but lead to instructions that install malware on their Mac.

BleepingComputer

Show thread

aburka 🫣

@BleepingComputer the "legitimate" one is also malware so same difference really https://cybersecuritynews.com/claude-desktop-extensions-0-click-vulnerability/

Claude Desktop Extensions 0-Click RCE Vulnerability Exposes 10,000+ Users to Remote Attacks

A new critical vulnerability discovered by security research firm LayerX has exposed a fundamental architectural flaw in how Large Language Models (LLMs) handle trust boundaries.

Cyber Security News