How I tricked Claude into leaking your deepest, darkest secrets
Summary
A researcher discovered a vulnerability in Claude's web_fetch tool (a feature that lets Claude access websites) that could leak private user information like names and locations. The tool was supposed to only visit URLs that users directly entered, but it could also follow links found within web pages it had already fetched, allowing attackers to create deceptive websites that trick Claude into extracting sensitive data by following a chain of hidden links.
Solution / Mitigation
Anthropic closed the vulnerability by removing the ability for web_fetch to navigate to additional links returned within its own fetched content.
Classification
Affected Vendors
Related Issues
Original source: https://simonwillison.net/2026/Jul/15/claude-web-fetch-exfiltration/#atom-everything
First tracked: July 15, 2026 at 02:01 PM
Classified by LLM (prompt v3) · confidence: 92%