Anthropic fixes command injection vulnerabilities in Claude Desktop extensions

Anthropic's Claude Desktop extensions for Chrome, iMessage, and Apple Notes had critical command injection vulnerabilities. These flaws have now been fixed by Anthropic. The vulnerabilities allowed malicious actors to execute arbitrary code on a user's system by crafting specific prompts. This could lead to the theft of sensitive information like credentials. These extensions, running unsandboxed with system permissions, bridged the Claude AI model with the operating system, making them powerful but also susceptible to such attacks.