Find notable cyber news and cases, enriched with sources, timelines, and signals.

Claude Chrome synthetic click security flaw

Vulnerability
First reported
Last updated
Happening score
H score 7
1 unique sources, 1 articles

Summary

Hide ▲

A flaw in Anthropic's Claude for Chrome browser extension lets a malicious extension simulate trusted clicks and trigger predefined AI workflows, creating abuse risk for connected services such as Gmail, Google Docs, Google Calendar, and Salesforce. The weakness is that the extension failed to check Event.isTrusted before executing a built-in task, so JavaScript-generated click events were treated like real user input. Manifold Security says the issue remains reproducible in version 1.0.80, which means the exposed workflow path is still present in the current release.

Related Happenings

Claude Chrome forged-click and skipPermissions security flaw

Vulnerability
H score35 First: 14.07.2026 20:27 Last: 14.07.2026 20:27 Sources 1

About this happening: Claude for Chrome still accepts synthetic clicks on its onboarding button, letting a rogue extension trigger allowlisted tasks for Gmail, Google Docs, and Calendar...

OpenAI ChatGPT Atlas BioShocking fix

Advisory/Mitigation
H score34 First: 01.07.2026 00:50 Last: 01.07.2026 00:50 Sources 1

About this happening: OpenAI delivered a working fix for BioShocking in ChatGPT Atlas, closing a prompt-injection path that could push an AI browser toward unsafe real-world actions and c...

LayerX BioShocking prompt injection against agentic browsers

Technical Analysis
H score30 First: 24.06.2026 19:05 Last: 24.06.2026 19:05 Sources 1

About this happening: Researchers demonstrated BioShocking, a prompt-injection technique that pushed six agentic browsers and plugins past guardrails and made them copy login credentials fo...

QuickLens - Search Screen with Google Lens hit by network compromise

Incident
H score57 First: 28.02.2026 21:18 Last: 28.02.2026 21:18 Sources 1

About this happening: The QuickLens - Search Screen with Google Lens Chrome extension was compromised and used to push malware to about 7,000 users, creating risk of credential theft*...

AiFrame malicious Chrome extension spraying operation

Malware Activity
H score16 First: 13.02.2026 13:25 Last: 13.02.2026 13:25 Sources 1

About this happening: The AiFrame operation spread fake Chrome AI assistants that delivered malicious extensions, putting over 260,000 Google Chrome users at risk of credential theft, e...

Timeline

  1. 16.07.2026 22:26 2 articles · 1h ago

    Claude for Chrome 1.0.80 still accepts synthetic clicks

    Technical Analysis Update

    Claude for Chrome version 1.0.80, released July 7, still reproduced the synthetic-click trust bypass: the extension accepted JavaScript-generated click events without checking Event.isTrusted before launching predefined workflows. A malicious extension on claude.ai could inject a page element and synthesize the click, allowing Claude to act on connected services such as Gmail, Google Docs, Google Calendar, and Salesforce.

    Show sources
  2. 16.07.2026 22:26 1 articles · 1h ago

    Anthropic receives the synthetic-click and skipPermissions reports

    Initial Disclosure

    Researchers reported both findings to Anthropic through the company's bug bounty program. Anthropic acknowledged the reports, closed the synthetic-click finding as a broader issue it was already tracking, and classified the internal skipPermissions=true parameter issue as informational.

    Show sources