Darkreading
Critical Vulnerabilities in Claude.ai Enable Data Theft and Malicious Redirects
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A series of vulnerabilities in Anthropic's Claude.ai, collectively termed 'Claudy Day', have been identified, allowing attackers to exfiltrate sensitive user data and redirect users to malicious sites. The attack chain consists of three flaws: an invisible prompt injection via URL parameters, an open redirect on claude.com, and data exfiltration through the Anthropic Files API. These vulnerabilities can be exploited without any external tools or integrations, posing a significant risk to users. Researchers from Oasis Security discovered these flaws and reported them to Anthropic, which has since patched the prompt injection vulnerability but is still addressing the other issues. The vulnerabilities can lead to unauthorized access to sensitive user conversation history, especially in enterprise settings where integrations are enabled. Security experts emphasize the need for organizations to audit their AI integrations to mitigate these risks. The attack vector allows for silent data exfiltration, making it particularly dangerous for users unaware of the risks. The situation remains critical as organizations must remain vigilant against potential exploitation.
Key Points: • Three vulnerabilities in Claude.ai allow for silent data exfiltration and malicious redirects. • The attack chain requires no external tools, functioning within default settings. • Anthropic has patched the prompt injection flaw but is still addressing other vulnerabilities.