A new vulnerability chain discovered by Oasis Security can compromise the Claude AI chatbot and does not require the target to have the app installed or even have an account with the service. The attack chain instead begins with a malicious webpage doctored up to place highly in search results for Claude, which passes the user to a pre-filled chat URL that exploits other vulnerabilities in the AI agent.
