Steven Lim describes ShadowPrompt as a chained attack enabling zero-click prompt injection and silent data theft via the Claude Chrome extension, where merely visiting an attacker-controlled webpage could trigger the exploit.
A flaw in Claude’s Chrome extension let attackers inject prompts by just visiting a page.
No clicks. A hidden iframe + XSS chain made the extension treat attacker input as real user commands, enabling data theft and actions like sending emails.
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
Shadow Prompt: Zero-click prompt injection in Claude Chrome extension. Just visiting a page could let attackers inject prompts as the user.
🔹 Access to history & actions
🔹 Fixed in v1.0.41
ShadowPrompt: How Any Website Could Have Hijacked Claude's Chrome Extension
ShadowPrompt: Zero‑Click Hijack + Silent Data Theft
ShadowPrompt is a chained attack against the Claude Chrome extension that enabled zero‑click prompt injection.
A victim could simply land on an attacker‑controlled webpage and, without any interaction, have Claude receive