Red teamers turned Claude Desktop into a double agent to do their evil bidding
ID: 64a91ab0-bba3-5401-8ddb-53b7c2dd8390
STIX ID: report--64a91ab0-bba3-5401-8ddb-53b7c2dd8390
Feed Name: The Register (Security)
Threat Score
Pentera Labs' red team demonstrated that a compromised inbox and Claude Desktop's synced personal preferences can be abused to inject commands into a user's AI assistant, yielding remote code execution, persistent C2 behavior, and lateral access from a developer's workstation; the vendor considered the capability "working as intended," leaving an attack surface for organizations using agentic desktop AI apps.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
