TECH NEWS

Claude Code and Claude in Chrome have four security blind spots. Here's the audit

https://images.ctfassets.net/jdtwqhzvc2n1/4SkR8jNCpfSRyi8zx9Bpt4/90a858841864009a2a8062003a9baa4e/hero.png?w=800&q=75

Between May 6 and 7, four security research teams published findings about Anthropic’s Claude that most outlets covered as three separate stories. One involved a water utility in Mexico, another targeted a Chrome extension, and a third hijacked OAuth tokens through Claude Code. In one case, Claude identified a water utility’s SCADA gateway without being told to look for one.

These are not three bugs. They are one architectural question playing out on three surfaces. No single patch released so far addresses all of them.

The common thread is the confused deputy, a trust-boundary failure where a program with legitimate authority executes actions on behalf of the wrong principal. In each case, Claude held real capabilities on every surface and handed them to whoever showed up. An attacker probing a water utility's network. A Chrome extension with zero permissions. A malicious npm package rewriting a config file.

Carter Rees,...

Copyright of this story solely belongs to venturebeat.com. To see the full text click HERE

Read more

https://i.pcmag.com/imagery/articles/030oXKoaHKcJsu7VUdTprsb-1.fit_lim.size_1200x630.v1779312243.jpg

SpaceX S-1: Starlink had 10.3M subscribers in Q1 2026, a 105% increase YoY; SpaceX's “Connectivity” business, which is primarily Starlink, made $11.3B in 2025

Sponsor Posts Niantic Spatial: World models need real-world data — Scaniverse is the gateway to spatial services — self-serve and built for AI and robotics. Large-area 3D reconstruction from 360° cameras and precise localization, anywhere machines operate. App Spotlight: Quo for Zoho CRM — App Spotlight brings you hand-picked solutions that enhance your
https://cdn.mos.cms.futurecdn.net/7X9twHAUMGDXBdL3dAdrNW-1920-80.jpg

You've heard of Touch ID and Face ID, but is Ear ID next? Researchers have detailed a new tech would let you use AirPods or similar buds to prove who you are and unlock your gadgets — and it's actually your heartrate that they detect

* Chinese researchers have developed 'AccLock' * This uses your heartbeat to verify your identity * All it needs is earbuds with accelerometers Researchers from several universities in China have developed a technology they called AccLock, and it's basically Ear ID. It's a way of verifying your