Chrome Gemini panel became privilege escalator for rogue extensions

Security boffins have discovered a high-severity bug in Google Chrome that allowed malicious extensions to hijack its Gemini Live AI panel and inherit privileges they were never meant to have.

Claude collaboration tools left the door wide open to remote code execution

The first of the three flaws involved abusing Claude's Hooks feature to achieve remote code execution. Hooks are user-defined shell commands that execute at various points in the tool's lifecycle, ...