New bugs in Claude for Chrome allow extensions to abuse AI privileges | CSO Online
Researchers have identified two vulnerabilities in the Claude for Chrome extension that allow malicious extensions to perform privileged actions by bypassing security checks. These flaws enable unauthorized access to sensitive user data, such as Gmail messages and Google Docs, through synthetic clicks and improper permission handling.