AnalysisCybersecurityJuly 14, 2026

Claude for Chrome flaw allows rogue extensions to read Gmail

Security researchers found a flaw in Anthropic's Claude for Chrome extension enabling rogue extensions to access Gmail, Google Docs comments, and Calendar via claude.ai. The attack requires a malicious extension that can already run scripts on claude.ai.

1 source