Anthropic’s Claude AI Chrome extension remains vulnerable to exploitation even after the company released a security update to fix earlier issues, according to CSO Online and LayerX researchers.
Researchers said attackers may still be able to misuse the extension through prompt injection techniques and hidden instructions embedded inside webpages.
Visit betsport24.es for more information.
The Claude browser extension allows users to ask questions about webpage content directly from Chrome.
It reads webpage data and sends relevant information to Claude for analysis and responses.
Anthropic, OpenAI Turn To Religious Leaders In Quest To Make ‘Ethical’ AI ModelsSecurity researchers found that malicious websites could secretly include hidden text or instructions that manipulate Claude’s behaviour.
These hidden prompts may force the AI assistant to reveal private information, follow malicious instructions, or generate misleading outputs without the user noticing.
Anthropic had earlier released an update aimed at reducing these risks. The company said the update improved how the extension identifies and ignores suspicious hidden instructions inside webpages.
However, researchers claimed the protection measures are still not fully effective.
According to reports, attackers may still bypass the safeguards using specially crafted webpage content and indirect prompt injection methods.
Anthropic Prepares for $1.5 Billion AI Joint Venture With Blackstone, Goldman SachsThe issue is part of a broader problem affecting AI assistants connected to browsers, email clients, and document-reading tools.
These systems can sometimes treat hidden webpage content as trusted instructions instead of ordinary text.
Cybersecurity experts warned that such attacks could potentially expose sensitive data from browser sessions, emails, documents, or connected applications if AI tools are given broad permissions.
Attackers could use invisible text, hidden HTML elements, or manipulated webpage formatting to trick the AI system into carrying out unintended actions.
Researchers argued that AI browser assistants currently lack strong boundaries between trusted user commands and untrusted webpage content.
This makes prompt injection one of the biggest security risks for AI agents and browser-integrated AI tools.
Anthropic acknowledged the continuing risks and said it is working on stronger protections for Claude and other AI systems.
The company reportedly stressed that AI security remains an evolving challenge and that no current defence system is completely foolproof.