A critical vulnerability in Anthropic's Claude AI allows attackers to exfiltrate user data via a chained exploit that abuses the platform's own File API.
A security researcher has exposed this flaw, which enables attackers to steal user data by turning the AI's own tools against it.
The vulnerability allows hidden commands to hijack Claude's Code Interpreter, tricking the AI into using Anthropic's own File API to send sensitive data, such as chat histories, directly to an attacker.
Anthropic initially dismissed the report on October 25 but reversed its decision on October 30, acknowledging a "process hiccup".
Author's summary: Critical vulnerability in Claude AI allows data theft.