Pulse Tech .news

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

The Hacker News March 26, 2026

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until Feb 19, 2026 fix.

Advertisement

Advertisement

Read Full Article

More like this

9to5Mac Daily: May 21, 2026 – iPhone Ultra leaks, more

9to5Mac Daily: May 21, 2026 – iPhone Ultra leaks, more

9 to 5 Mac

In desperate times, graduates find hope in humiliating tech CEOs

In desperate times, graduates find hope in humiliating tech CEOs

The Verge

One of Meta’s big legal reckonings just ended in a settlement

One of Meta’s big legal reckonings just ended in a settlement

The Verge