The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...

Windows 11 Patch Triggers Sign-In Failures Across Microsoft Apps

A Windows 11 security update triggered Microsoft app sign-in failures, prompting an emergency patch and a manual workaround ...