"ClaudeBleed" allows any Chrome extension to control Anthropic's AI assistant (cyberinsider.com)

A newly discovered vulnerability, dubbed "ClaudeBleed," poses significant risks to users of Anthropic’s "Claude in Chrome" extension, which has over 7 million downloads. This flaw allows any Chrome extension, regardless of its permissions, to hijack Claude's capabilities and execute sensitive actions without appropriate user consent. Researchers from LayerX found that communication failures in the extension's trust boundaries allow malicious extensions to interact with Claude, potentially leading to unauthorized access to emails, private GitHub repositories, and sensitive Google Drive files. The significance of this vulnerability extends beyond user security; it highlights critical weaknesses in Chrome's extension architecture and how AI assistants like Claude can be exploited. Attackers can leverage commands injected into Claude's internal messaging system, effectively manipulating it into harmful actions. Despite a partial fix from Anthropic, which was implemented after the flaw was reported, vulnerabilities remain in the underlying trust model, leaving users at continued risk. LayerX's report urges stricter controls on extension communications and recommends users carefully review their installed extensions and disable risky autonomous browsing modes to safeguard their data.