Claude Memory Heist Attack Extracts Personal Data via Web Browsing
Security researcher Ayush Paul discovered an attack method that exploits Claude's web browsing feature to steal personal information stored in memory. By tricking Claude into following links on a fake site, the attacker can extract names, workplaces, and other data character by character. Anthropic has already implemented a measure to prevent Claude from following links within external pages.