Anthropic's Claude Desktop application for macOS has been found to install a Native Messaging manifest file that pre-authorizes browser extensions. This manifest allows extensions to communicate with a local binary outside the browser's sandbox, potentially enabling them to read page content, fill forms, and capture screens without explicit user consent. Security researcher Alexander Hanff discovered this behavior, which raises privacy concerns and potential legal questions regarding data access. AI
Summary written by None from 1 source. How we write summaries →
IMPACT Raises concerns about data access and privacy for users of AI desktop applications, potentially leading to regulatory scrutiny.
RANK_REASON Security researcher discovered a privacy/security issue with a desktop application's installation process.