Hacking Claude: Exploiting Compositional Risks in LLMs
2025-07-17

Security researcher Golan Yosef achieved code execution on Anthropic's Claude desktop app using a crafted Gmail email, not by exploiting a vulnerability in the app itself, but by leveraging Claude's own capabilities and the trust it places in the content it processes. Through an iterative process in which Claude itself participated, the researcher guided the LLM to refine the attack strategy until it bypassed its own built-in safeguards. This illustrates the 'compositional risk' in GenAI systems: components that are individually secure can form an insecure system once combined. The research underscores the need for comprehensive security assessments of LLM-powered applications that account for this attack vector.