The flaw "allowed any website to silently inject prompts into that assistant as if the user wrote them," Koi Security researcher Oren Yomtov said in a report shared with The Hacker News. "No clicks, no VDS VPS Cloud
http://dlvr.it/TRjjNW
Thursday, 26 March 2026
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
The flaw "allowed any website to silently inject prompts into that assistant as if the user wrote them," Koi Security researcher Oren Yomtov said in a report shared with The Hacker News. "No clicks, no VDS VPS Cloud
http://dlvr.it/TRjjNW
Subscribe to:
Post Comments (Atom)
Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline
iT4iNT SERVER A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email cre...
No comments:
Post a Comment