{"id":8622,"date":"2026-05-08T08:06:32","date_gmt":"2026-05-08T13:06:32","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=88925"},"modified":"2026-05-08T08:06:32","modified_gmt":"2026-05-08T13:06:32","slug":"flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2026\/05\/08\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai\/","title":{"rendered":"Flaw in Claude\u2019s Chrome extension allowed \u2018any\u2019 other plugin to hijack victims\u2019 AI"},"content":{"rendered":"<p><head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"> <meta name=\"robots\" content=\"index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1\"> <!-- This site is optimized with the Yoast SEO Premium plugin v24.5 (Yoast SEO v27.1.1) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ --> <title>Flaw in Claude\u2019s Chrome extension allowed \u2018any\u2019 other plugin to hijack victims\u2019 AI | CyberScoop<\/title> <meta name=\"description\" content=\"Agentic AI is more popular than ever, but researchers keep finding trivial ways to hijack LLMs for nefarious purposes.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/claude-chrome-extension-allows-plugins-to-hijack-ai\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Flaw in Claude\u2019s Chrome extension allowed \u2018any\u2019 other plugin to hijack victims\u2019 AI\"> <meta property=\"og:description\" content=\"Agentic AI is more popular than ever, but researchers keep finding trivial ways to hijack LLMs for nefarious purposes.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/claude-chrome-extension-allows-plugins-to-hijack-ai\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2026-05-08T13:06:32+00:00\"> <meta property=\"article:modified_time\" content=\"2026-05-08T13:14:47+00:00\"> <meta name=\"author\" content=\"djohnson\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-2.jpg\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\"> <!-- \/ Yoast SEO Premium plugin. --> <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1774626878g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1778005960g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1775068334g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/88925\"><meta name=\"generator\" content=\"WordPress 6.8.5\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=88925\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fclaude-chrome-extension-allows-plugins-to-hijack-ai%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fclaude-chrome-extension-allows-plugins-to-hijack-ai%2F&amp;format=xml\"> <!-- Google Tag Manager --> <!-- End Google Tag Manager --> <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-88925 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/claude-chrome-extension-allows-plugins-to-hijack-ai\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"26.368831168831\">\n<div class=\"single-article__header-content\" readability=\"35.326633165829\">\n<p> Agentic AI is more popular than ever, but researchers keep finding trivial ways to hijack LLMs for nefarious purposes. <\/p>\n<p> <!-- Listen to this article section --> <!-- Audio Element --><br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/88925\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p> <!-- Countdown Timer --> <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p> <!-- Tooltip --> <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p> <!-- End of audio player --> <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai.jpg?resize=640%2C426&#038;ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-2.jpg 6048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-2.jpg?resize=768,511 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-2.jpg?resize=1024,681 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-2.jpg?resize=1536,1022 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-2.jpg?resize=2048,1363 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-2.jpg?resize=600,399 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-2.jpg?resize=253,168 253w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-2.jpg?resize=507,337 507w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-2.jpg?resize=1015,675 1015w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-2.jpg?resize=1267,843 1267w\" sizes=\"(max-width: 1015px) 100vw, 1015px\"><figcaption> The Claude AI logo is displayed on the screen of a smartphone placed on a reflective surface onto which lines of computer code are projected. Following the release of Claude Opus 4.6 on February 5, Anthropic continues to challenge its main competitors in the generative AI market in Creteil, France, on February 6, 2026. (Photo by Samuel Boivin\/NurPhoto via Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"40.507462686567\"><body readability=\"83.347210657785\"><\/p>\n<p>As businesses and governments turn to AI agents to access the internet and perform higher-level tasks, researchers continue to find serious flaws in large language models that can be exploited by bad actors.<\/p>\n<p>The latest <a href=\"https:\/\/layerxsecurity.com\/blog\/a-flaw-in-claudes-browser-extension-allows-any-extension-to-hijack-it\/\">discovery<\/a> comes from browser security firm LayerX, involving a bug in the Chrome extension for Anthropic\u2019s Claude AI model that allows any other plugin \u2013 even ones without special permissions \u2013 to embed hidden instructions that can <a href=\"https:\/\/cyberscoop.com\/ai-coding-tools-can-be-turned-against-you-aikido-github-prompt-injection\/\">take over the agent<\/a>.&nbsp;<\/p>\n<p>\u201cThe flaw stems from an instruction in the extension\u2019s code that allows any script running in the origin browser to communicate with Claude\u2019s LLM, but does not verify who is running the script,\u201d wrote LayerX senior researcher Aviad Gispan. \u201cAs a result, any extension can invoke a content script (which does not require any special permissions) and issue commands to the Claude extension.\u201d<\/p>\n<p>Gispan said he was able to execute any prompt he wanted, blow through Claude\u2019s safety guardrails, evade user confirmation and perform cross-site actions across multiple Google tools. As a proof of concept, LayerX was able to exploit the flaw to extract files from Google Drive folders and share them with unauthorized parties, surveil recent email activity and send emails on behalf of a user, and pilfer private source code from a connected GitHub repository.<\/p>\n<p>The vulnerability \u201ceffectively breaks Chrome\u2019s extension security\u201d by creating \u201ca privilege escalation primitive across extensions, something Chrome\u2019s security model is explicitly designed to prevent,\u201d Gispan wrote.<\/p>\n<figure class=\"wp-block-image size-large\"><img data-recalc-dims=\"1\" decoding=\"async\" height=\"429\" width=\"640\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai.png?resize=640%2C429&#038;ssl=1\" alt class=\"wp-image-88926\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-1.png 1660w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-1.png?resize=300,201 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-1.png?resize=768,515 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-1.png?resize=1024,687 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-1.png?resize=1536,1031 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-1.png?resize=600,403 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-1.png?resize=250,168 250w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-1.png?resize=502,337 502w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-1.png?resize=1006,675 1006w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-1.png?resize=1256,843 1256w\" sizes=\"(max-width: 1024px) 100vw, 1024px\"><figcaption class=\"wp-element-caption\">A graphic depicting how a vulnerability exploits the trust boundaries in Clade Chrome\u2019s extension. (Source: LayerX)<\/figcaption><\/figure>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Claude relies on text, user interface semantics, and interpretation of screenshots to make decisions, all things that an attacker can control on the input side. The researchers modified Claude\u2019s user interface to remove labels and indicators around sensitive information, like passwords and sharing feedback, then prompted Claude to share the files with an outside server.<\/p>\n<p>That means cybersecurity defenders often have nothing obviously malicious to detect. Where there is visible activity, the model can be prompted to cover its tracks by deleting emails and other evidence of its actions.<\/p>\n<p>Ax Sharma, Head of Research at Manifold Security, called the vulnerability \u201ca useful demonstration of why monitoring AI agents at the prompt layer is fundamentally insufficient.\u201d<\/p>\n<p>\u201cThe most sophisticated part of this attack isn\u2019t the injection, but that the agent\u2019s perceived environment was manipulated to produce actions that looked legitimate from the inside,\u201d said Sharma. \u201cThat\u2019s the class of threat the industry needs to be building defenses for.\u201d<\/p>\n<p>Gispan said LayerX reported the flaw to Anthropic on April 27, but claimed the company only issued a \u201cpartial\u201d fix to the problem. According to LayerX, Anthropic responded a day later to say that the bug was a duplicate of another vulnerability already being addressed in a future update.&nbsp;&nbsp;&nbsp;<\/p>\n<p>While that fix, issued May 6, introduced new approval flows for privileged actions that made it harder to exploit the same flaw, Gispan said he was still able to take over Claude\u2019s agent in some scenarios.<\/p>\n<p>\u201cSwitching to \u2018privileged\u2019 mode, even without the user\u2019s notification or consent, enabled circumventing these security checks and injecting prompts into the Claude extension, as before,\u201d Gispan wrote.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Anthropic did not respond to a request for comment from CyberScoop on the research and mitigation efforts.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.2090761750405\">\n<div class=\"author-card\" readability=\"13\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/05\/flaw-in-claudes-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-1.jpg?w=640&#038;ssl=1\" alt=\"Derek B. Johnson\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Derek B. Johnson<\/h4>\n<p> Derek B. Johnson is a reporter at CyberScoop, where his beat includes cybersecurity, elections and the federal government. Prior to that, he has provided award-winning coverage of cybersecurity news across the public and private sectors for various publications since 2017. Derek has a bachelor\u2019s degree in print journalism from Hofstra University in New York and a master\u2019s degree in public policy from George Mason University in Virginia. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p> <!-- .popular-stories__stories --> <\/div>\n<p><!-- .popular-stories__inner -->\n<\/div>\n<p><!-- .popular-stories --> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p> <!-- Start of HubSpot Embed Code --> <!-- End of HubSpot Embed Code --> <\/body> <a href=\"https:\/\/cyberscoop.com\/claude-chrome-extension-allows-plugins-to-hijack-ai\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Flaw in Claude\u2019s Chrome extension allowed \u2018any\u2019 other plugin to<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[235,6179,6581,2381,384,5849,4995,78,5305,6582,256,310,49],"tags":[236,6180,6583,2384,388,5851,4996,86,5310,6584,262,311,57],"class_list":["post-8622","post","type-post","status-publish","format-standard","hentry","category-ai","category-ai-browsers","category-ai-hijacking","category-anthropic","category-artificial-intelligence-ai","category-browser-extensions","category-claude","category-cybersecurity","category-google-chrome","category-plugin","category-research","category-technology","category-threat-intelligence","tag-ai","tag-ai-browsers","tag-ai-hijacking","tag-anthropic","tag-artificial-intelligence-ai","tag-browser-extensions","tag-claude","tag-cybersecurity","tag-google-chrome","tag-plugin","tag-research","tag-technology","tag-threat-intelligence"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ai\/\" rel=\"category tag\">AI<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ai-browsers\/\" rel=\"category tag\">AI browsers<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ai-hijacking\/\" rel=\"category tag\">AI hijacking<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/anthropic\/\" rel=\"category tag\">Anthropic<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/artificial-intelligence-ai\/\" rel=\"category tag\">artificial intelligence (AI)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/browser-extensions\/\" rel=\"category tag\">browser extensions<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/claude\/\" rel=\"category tag\">Claude<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/google-chrome\/\" rel=\"category tag\">Google Chrome<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/plugin\/\" rel=\"category tag\">plugin<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/technology\/\" rel=\"category tag\">Technology<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threat-intelligence\/\" rel=\"category tag\">Threat Intelligence<\/a>","tag_info":"Threat Intelligence","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8622","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=8622"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8622\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=8622"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=8622"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=8622"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}