
Attackers Can Abuse Claude Desktop to Execute Commands on Victim Machines
A novel attack chain that turns Anthropic’s Claude Desktop application into a remote code execution vector, requiring no phishing email and no traditional malware. The technique instead weaponizes a legitimate AI assistant feature: synced account preferences. Penetra research began with lateral movement from a compromised third-party email aggregation platform, an inbox management dashboard used to […]
The post Attackers Can Abuse Claude Desktop to Execute Commands on Victim Machines appeared first on Cyber Security News.