Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover
Summary
A vulnerability called ClaudeBleed in the Claude extension for Chrome allows attackers to take over the AI agent by exploiting weak permission checks and improper trust verification. The flaw lets any malicious Chrome extension send commands to Claude and use prompt injection (tricking the AI by hiding instructions in its input) to control its actions, potentially stealing data from Gmail or Google Drive or sending emails on the user's behalf.
Solution / Mitigation
Anthropic released a patch that added internal security checks to prevent extensions running in 'standard' mode from executing remote commands. However, LayerX noted this fix only partially addressed the issue, as attackers can switch the extension to 'privileged' mode to bypass the protection, and users are not notified or asked to approve this mode switch.
Classification
Affected Vendors
Related Issues
Original source: https://www.securityweek.com/vulnerability-in-claude-extension-for-chrome-exposes-ai-agent-to-takeover/
First tracked: May 8, 2026 at 08:00 AM
Classified by LLM (prompt v3) · confidence: 92%