#claude-desktop

[ follow ]
#privacy #spyware #european-law #data-consent #remote-code-execution #unsandboxed-extensions
Privacy technologies
fromTheregister
2 hours ago

Claude Desktop changes software permissions without consent

Claude Desktop installs files affecting other apps without consent, violating privacy laws and raising concerns about its classification as spyware.
fromTechRepublic
2 months ago

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale. "If exploited by a bad actor, even a benign prompt ("take care of it"), coupled with a maliciously worded calendar event, is sufficient to trigger arbitrary local code execution that compromises the entire system," said LayerX researchers in their analysis.
Information security
[ Load more ]