10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google ...

BeyondTrust RCE flaw lets hackers run code without logging in

A 9.9/10 bug was found in multiple BeyondTrust products, but a patch is already available.
Microsoft

Manipulating AI memory for profit: The rise of AI Recommendation Poisoning

That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends. Microsoft security researchers have discovered a growing trend of AI memory poisoning attacks used ...
The Register on MSN

AI connector for Google Calendar makes convenient malware launchpad, researchers show

'Claude DXT's container falls noticeably short of what is expected from a sandbox' LayerX, a security company based in Tel Aviv, says it has identified a zero-click remote code execution vulnerability ...