ShadowPrompt: Zero-Click Prompt Injection in Anthropic Claude for Chrome
This vulnerability chain let a remote attacker perform zero-click prompt injection against the Claude for Chrome extension. Two weaknesses combined: the extension accepted messages from any origin matching the wildcard allowlist *.claude.ai, and an Arkose Labs CAPTCHA component served from a-cdn.claude.ai contained a DOM-based XSS. Script injected through that XSS ran with a trusted subdomain as its origin, so its messages passed the extension's origin check and reached the background script, where they could drive the extension's privileged actions: stealing Gmail access tokens, exfiltrating Google Drive data, and manipulating the victim's accounts. Over 3 million users were exposed.
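The core of the ShadowPrompt chain is how an extension decides which web origins may message its background script. The following is an added illustration, not code from the extension or the write-up: it models three allowlist policies (a naive suffix check, a wildcard pattern like *.claude.ai, and an exact-origin list) and a minimal message handler, and goes slightly beyond the page by also showing why a suffix check over-matches unrelated registrable domains. All hostnames, the handler and the message shape are assumptions for illustration.

```javascript
// Added example: origin allowlist policies for an extension's external
// message handler. Not the Claude for Chrome code; origins below are assumed.

// Naive suffix check: anything whose hostname ends in "claude.ai" passes,
// including unrelated registrable domains such as "evil-claude.ai".
function isTrustedSuffix(origin) {
  return new URL(origin).hostname.endsWith("claude.ai");
}

// Wildcard allowlist ("*.claude.ai"): every subdomain is trusted, so an XSS
// on any one of them (for example a CDN host) inherits the extension's trust.
function isTrustedWildcard(origin, patterns) {
  const { protocol, hostname } = new URL(origin);
  if (protocol !== "https:") return false;
  return patterns.some((p) => {
    if (p.startsWith("*.")) {
      const base = p.slice(2);
      return hostname === base || hostname.endsWith("." + base);
    }
    return hostname === p;
  });
}

// Exact allowlist: only the full origins that actually need to talk to the
// extension. Narrows the reachable attack surface to those origins alone.
function isTrustedExact(origin, allowed) {
  return allowed.includes(new URL(origin).origin);
}

// Simulated background-script handler (assumed message shape). The policy
// applied to sender.origin is the only gate between a web page and the
// privileged action the message requests.
function handleExternalMessage(sender, msg, policy) {
  if (!policy(sender.origin)) return { ok: false, reason: "untrusted origin" };
  if (msg.type !== "prompt" || typeof msg.prompt !== "string") {
    return { ok: false, reason: "malformed message" };
  }
  return { ok: true, prompt: msg.prompt };
}

// Constructed scenario: the same message from a CDN subdomain under each policy.
function scenario() {
  const sender = { origin: "https://a-cdn.claude.ai" };
  const msg = { type: "prompt", prompt: "summarize my inbox" };
  return {
    wildcard: handleExternalMessage(sender, msg, (o) => isTrustedWildcard(o, ["*.claude.ai"])).ok,
    exact: handleExternalMessage(sender, msg, (o) => isTrustedExact(o, ["https://claude.ai"])).ok,
    suffixOverMatch: isTrustedSuffix("https://evil-claude.ai"),
  };
}

module.exports = { isTrustedSuffix, isTrustedWildcard, isTrustedExact, handleExternalMessage, scenario };
```

The exact list is the right starting point, but an allowlist only controls who can reach the handler; it does not make the handler safe. Content injected on the listed origin itself would still pass, so privileged actions should require more than a page's say-so (user confirmation, or a capability the page does not hold).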
Google Chrome V8 Engine Zero-Day Exploitation
Google has issued emergency patches for the Chrome V8 JavaScript engine after discovering active in-the-wild exploitation of multiple zero-day vulnerabilities, including CVE-2024-4947 and CVE-2024-5274. Both named bugs are type confusion flaws in V8's Just-In-Time (JIT) compiled code: the engine acts on an object under a type assumption that no longer holds, yielding memory corruption that an exploit turns into arbitrary code execution inside the renderer. Threat actors deliver the exploits through drive-by attacks, redirecting victims to malicious or compromised pages that trigger the bug without any further interaction. Because the renderer is sandboxed, a full compromise additionally needs a sandbox escape, which is why these bugs appear in chained browser exploits. Given Chrome's roughly 3.5 billion users, immediate patching is critical to limit exposure to advanced persistent threat (APT) activity and increasingly complex browser-based exploit chains.
Google Chrome Implements Device Bound Session Credentials (DBSC) to Combat Token Theft
Google has moved Device Bound Session Credentials (DBSC) from beta to General Availability (GA) for Chrome on Windows. DBSC targets session cookie theft and authentication token exfiltration, the vectors adversaries use to bypass Multi-Factor Authentication (MFA) and take over accounts. At login the browser generates a key pair whose private key is held by the device's TPM and cannot be exported; the server binds the session to the public key and periodically challenges the browser to prove possession of the private key before reissuing the short-lived session cookie. A cookie copied by an infostealer therefore stops working once it expires and cannot be refreshed from another machine, closing the "pass-the-cookie" path. DBSC does not defend against malware that stays resident on the device and uses the key in place. The feature is now enabled by default for all Google Workspace customers and Individual subscribers.