A flaw in Anthropic's Claude for Chrome browser extension could allow a malicious extension to trigger predefined AI actions by simulating user clicks, potentially allowing it to abuse Claude's access to connected services such as Gmail, Google Docs, Google Calendar, and Salesforce.

A ClaudeBleed-linked vulnerability in Claude for Chrome remains unpatched, allowing other extensions to access data.

Claude for Chrome v1.0.80 still accepts forged clicks from other extensions, triggering Gmail, Docs, and Calendar tasks silently in hands-off mode.

When combined with another exploit, the "PromptFiction" vulnerability, which has been fixed, could have enabled an end-to-end attack on a targeted system.

A flaw in Anthropic's Claude for Chrome browser extension could allow a malicious extension to trigger predefined AI actions by simulating user clicks, potentially allowing it to…