Claude Chrome extension flaw enabled zero-click prompt injection attacks against millions of users

Anthropic has patched a serious vulnerability in its Claude Chrome extension after researchers showed that a malicious website could silently inject prompts into the AI assistant with no clicks from the user. The issue mattered because Claude in Chrome can browse sites, run JavaScript, fill forms, and act inside logged-in sessions, which turned a prompt […] The post Claude Chrome extension flaw enabled zero-click prompt injection attacks against millions of users appeared first on VPN Central.