InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
SecurityWeek

Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover

ClaudeBleed, a vulnerability in Claude in Chrome, allows malicious extensions to hijack the AI agent for nefarious purposes.
CSO Online

Claude in Chrome is taking orders from the wrong extensions

Security researchers warn that Anthropic’s Claude in Chrome extension can be abused by malicious extensions that exploit ...