Claude vulnerable to stealth data exfiltration via prompt injection.
Security researcher Johann Rehberger uncovered a method to exfiltrate user data from Anthropic’s Claude using indirect prompt injections. The exploit abuses Claude’s Files API and network access to upload harvested data to an attacker’s account via a malicious document. The attack was initially blocked, but it succeeded once benign code was mixed in to bypass safety checks. Anthropic initially dismissed the issue but later acknowledged it as a reportable vulnerability.
Read more:
https://www.securityweek.com/claude-ai-apis-can-be-abused-for-data-exfiltration/