
Claude for Chrome Flaw Lets Malicious Extensions Access Gmail and Google Docs
Two unpatched vulnerabilities in Anthropic’s Claude for Chrome browser extension allow any malicious browser extension to hijack Claude’s agentic capabilities, silently reading a victim’s Gmail, Google Docs, and Calendar data. Ax Sharma at Manifold disclosed the flaws, which remain reproducible in v1.0.80, released July 7, 2026, eight releases after they were first reported in May. […]
The post Claude for Chrome Flaw Lets Malicious Extensions Access Gmail and Google Docs appeared first on Cyber Security News.