
Pentera red-team poisoned Claude Desktop via synced preferences to get full remote code execution
A “feature, not a bug” lets attackers turn a trusted AI desktop app into a persistent foothold on real machines.
By Lama Al-Rashid·· 5 min

Curating from trusted global sources…
1 briefing · “claude desktop”

A “feature, not a bug” lets attackers turn a trusted AI desktop app into a persistent foothold on real machines.