LayerX reports vulnerability in Claude Desktop Extensions, Anthropic declines to fix

AI/ML, Vulnerability Management

February 11, 2026
By SC Staff

The Register reports that LayerX, a security firm, has identified a "zero-click" remote code execution vulnerability within Claude Desktop Extensions, now known as MCP Bundles. This flaw, which LayerX says deserves a CVSS score of 10/10, can be exploited by processing a specially crafted Google Calendar entry.

The vulnerability arises from how Claude Desktop Extensions process external data and interact with installed MCP connectors. According to LayerX, extensions do not run in a truly sandboxed environment and possess full host system privileges. By sending a Google Calendar invitation containing malicious instructions, a user can trick Claude into downloading, compiling, and executing harmful code.

This occurs because Claude processes data from public connectors like Google Calendar and autonomously decides which installed MCP connectors to use. If an extension with command-line access is present, it can be triggered by data from a seemingly low-risk source, leading to remote code execution without any user interaction.

Anthropic has stated that this vulnerability falls outside their current threat model, viewing the MCP integration as a local development tool where users are responsible for the security configurations of installed extensions and their granted permissions.

Source: The Register
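The chain the article describes, where data from a low-risk connector leads the model to a connector with command-line access, is the case a tool-call gate in front of the connectors has to catch. The following is an added example, not code from LayerX, Anthropic or the MCP project; the `ToolGate` class, the connector names and the session are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Connector:
    name: str
    returns_external_data: bool  # results contain text written by third parties
    executes_on_host: bool       # can run commands with the user's host privileges

# Constructed inventory; connector names are hypothetical.
INSTALLED = {c.name: c for c in (
    Connector("google_calendar", returns_external_data=True, executes_on_host=False),
    Connector("local_notes", returns_external_data=False, executes_on_host=False),
    Connector("shell_runner", returns_external_data=False, executes_on_host=True),
)}

@dataclass
class ToolGate:
    connectors: dict
    tainted_by: list = field(default_factory=list)  # connectors that fed external text into context
    audit: list = field(default_factory=list)       # (connector, decision, taint sources)

    def authorize(self, name, user_approved=False):
        conn = self.connectors.get(name)
        if conn is None:
            decision = "deny:unknown-connector"
        elif conn.executes_on_host and self.tainted_by and not user_approved:
            # Model-chosen jump from third-party text to host execution: stop and ask.
            decision = "deny:needs-user-approval"
        else:
            decision = "allow"
        self.audit.append((name, decision, tuple(self.tainted_by)))
        return decision == "allow"

    def record_result(self, name):
        # Call after a tool result has been placed in the model's context.
        if self.connectors[name].returns_external_data and name not in self.tainted_by:
            self.tainted_by.append(name)

def run_session(calls):
    """Replay (connector, user_approved) tool calls; return the decision for each."""
    gate = ToolGate(INSTALLED)
    for name, approved in calls:
        if gate.authorize(name, approved):
            gate.record_result(name)
    return [decision for _, decision, _ in gate.audit]

if __name__ == "__main__":
    # Constructed session: the model reads the calendar, then picks the shell connector.
    print(run_session([("shell_runner", False), ("google_calendar", False),
                       ("shell_runner", False), ("shell_runner", True)]))
```

The audit tuples record which external source was in context when a host-executing connector was requested, which is the field to alert on.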