Archive ready

Claude拡張機能に深刻な脆弱性　閲覧だけでWebブラウザ乗っ取りの恐れ：セキュリティニュースアラート - ITmedia エンタープライズ

https://www.itmedia.co.jp/enterprise/articles/2604/01/news014.html

April 1, 2026 at 08:13 AM JST•The archive page, viewer, and downloads use this saved version.

April 1, 2026 at 08:13 AM JST·www.itmedia.co.jp

The evidence pack includes HTML, screenshots, summaries, and metadata. It can be downloaded on Pro.

Saved page

Claude拡張機能に深刻な脆弱性　閲覧だけでWebブラウザ乗っ取りの恐れ：セキュリティニュースアラート - ITmedia エンタープライズ

Open the archived HTML with saved-time metadata attached.

Original URLhttps://www.itmedia.co.jp/enterprise/articles/2604/01/news014.html

StartedApril 1, 2026 at 08:13 AM JST

This HTML has CSS and images embedded, so it can still be opened even if the original page disappears.

About this pageAI generated

This page reports on a critical vulnerability called "ShadowPrompt" discovered in Claude's Chrome extension. Users can have their browser hijacked without performing any special actions, merely by viewing malicious websites. The AI assistant can be manipulated into executing unauthorized commands, allowing attackers to gain control of the web browser. The vulnerability stems from a combination of design flaws in the extension and XSS weaknesses in external components. Koi Security announced the discovery on March 26, 2026.

Screenshot

The full page can be captured up to 15,000px in height so you can review the complete page layout when needed.

Claude拡張機能に深刻な脆弱性 閲覧だけでWebブラウザ乗っ取りの恐れ：セキュリティニュースアラート - ITmedia エンタープライズ

Claude拡張機能に深刻な脆弱性　閲覧だけでWebブラウザ乗っ取りの恐れ：セキュリティニュースアラート - ITmedia エンタープライズ