Pentera Labs discovers security risks in Claude Desktop app
UNVERIFIED·Primary source · The Register
Pentera Labs researchers demonstrated that Claude Desktop's sync and personalization features can be exploited to execute arbitrary code.
The attack involves injecting malicious prompts into user preferences, which then sync across devices.
Anthropic stated that these features are working as intended and do not constitute a security vulnerability.
Key Facts
01
01 — What / Thesis
Pentera Labs discovers security risks in Claude Desktop app
02
02 — Who / Subject
Pentera Labs / Anthropic
03
03 — Where / Locus
Global
04
04 — When / Temporality
November 2025
AI Verification Note
This article is generated by cross-referencing multiple sources and official announcements. Parts relying solely on testimony or reporting are reflected in the confidence score; content and assessment are updated as new information is confirmed.