Episode

CCT 348: ClaudeBleed - The Hidden Risk In AI Browser Extensions and CISSP Domain 3

Podcast

CISSP Cyber Training Podcast - CISSP Training Program

Published

May 11, 2026

Duration seconds

2040

Processing state

not_requested

Canonical source

https://www.buzzsprout.com/2167626/episodes/19154014-cct-348-claudebleed-the-hidden-risk-in-ai-browser-extensions-and-cissp-domain-3.mp3

Audio

https://www.buzzsprout.com/2167626/episodes/19154014-cct-348-claudebleed-the-hidden-risk-in-ai-browser-extensions-and-cissp-domain-3.mp3

JSON

/v1/public/podcasts/cissp-cyber-training-podcast-cissp-training-program-6068495/episodes/cct-348-claudebleed-the-hidden-risk-in-ai-browser-extensions-and-cissp-domain-3

Markdown

/podcast/cissp-cyber-training-podcast-cissp-training-program-6068495/cct-348-claudebleed-the-hidden-risk-in-ai-browser-extensions-and-cissp-domain-3.md

Actions

• POST https://stenobird.com/v1/public/podcasts/cissp-cyber-training-podcast-cissp-training-program-6068495/episodes/cct-348-claudebleed-the-hidden-risk-in-ai-browser-extensions-and-cissp-domain-3/transcription-requests
  Idempotently request low-priority transcript generation for this episode.
• GET https://stenobird.com/podcast/cissp-cyber-training-podcast-cissp-training-program-6068495/cct-348-claudebleed-the-hidden-risk-in-ai-browser-extensions-and-cissp-domain-3.md
  Read the agent-friendly Markdown representation of this episode resource.

Summary

Send us Fan Mail Your browser just became a security boundary you can’t afford to ignore. We start with ClaudeBleed, a vulnerability in the Claude AI Chrome extension that shows how an AI browser agent can be hijacked by another malicious extension, even one with zero special permissions. When an agent can act “as you” inside a trusted environment, the risk jumps from theory to real outcomes like silent email sending, data loss through Google Drive, or code theft from private repos. We walk ...