AI Agent Can Access File Upload API to Exfiltrate Documents. Security researchers have demonstrated how Anthropic’s new Claude Cowork productivity agent can be tricked into stealing user files and uploading them to an attacker’s account, exploiting a vulnerability the company allegedly knew about.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/anthropics-cowork-shipped-known-vulnerability-a-30553
