#claude-desktop

[ follow ]
#privacy #spyware #european-law #data-consent #remote-code-execution #unsandboxed-extensions
Privacy technologies
fromTheregister
15 hours ago

Claude Desktop changes software permissions without consent

Claude Desktop installs files affecting other apps without consent, violating privacy laws and raising concerns about its classification as spyware.
fromTechRepublic
2 months ago

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale. "If exploited by a bad actor, even a benign prompt ("take care of it"), coupled with a maliciously worded calendar event, is sufficient to trigger arbitrary local code execution that compromises the entire system," said LayerX researchers in their analysis.
Information security
[ Load more ]