Cybersecurity researchers have disclosed a vulnerability in Anthropic’s Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page.
The flaw „allowed any website to silently inject prompts into that assistant as if the user wrote them,“ Koi Security researcher Oren Yomtov said in a report shared with The Hacker News. „No clicks, no
https://thehackernews.com/2026/03/claude-extension-flaw-enabled-zero.html