{"data":{"id":"f8ff06d3-7e34-4589-afd9-225452f31ec0","title":"Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover","summary":"A vulnerability called ClaudeBleed in the Claude extension for Chrome allows attackers to take over the AI agent by exploiting weak permission checks and improper trust verification. The flaw lets any malicious Chrome extension send commands to Claude and use prompt injection (tricking the AI by hiding instructions in its input) to control its actions, potentially stealing data from Gmail or Google Drive or sending emails on the user's behalf.","solution":"Anthropic released a patch that added internal security checks to prevent extensions running in 'standard' mode from executing remote commands. However, LayerX noted this fix only partially addressed the issue, as attackers can switch the extension to 'privileged' mode to bypass the protection, and users are not notified or asked to approve this mode switch.","labels":["security"],"sourceUrl":"https://www.securityweek.com/vulnerability-in-claude-extension-for-chrome-exposes-ai-agent-to-takeover/","publishedAt":"2026-05-08T06:53:36.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["prompt_injection","supply_chain"],"issueType":"news","affectedPackages":null,"affectedVendors":["Anthropic"],"affectedVendorsRaw":["Anthropic","Claude","Claude for Chrome","Gmail","GitHub","Google Drive"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-05-08T06:53:36.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}