Anthropic Faces Claude.ai Data-Exfiltration Vulnerability Named Claudy Day

Security researchers disclosed "Claudy Day," a chained vulnerability in Anthropic's Claude.ai that allowed silent data exfiltration via invisible prompt injections, embedded API keys, and unvalidated open redirects. Anthropic patched the prompt injection after responsible disclosure and is working on fixes for remaining issues. The flaw could expose chat histories and connected enterprise resources when attackers exploit Google Ads and prefilled prompt URLs.
Key Points
1. Demonstrates invisible prompt injection, hidden API-key exfiltration, and an open redirect chain within default Claude sessions.
2. Highlights the risk of trusted-host redirects and prefilled prompts enabling silent data extraction from chat histories.
3. Implies enterprises must audit MCP integrations, restrict API access, and train users on malicious prefilled links.
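Two of the defensive checks the key points imply can be illustrated in code: an exact-host allowlist for redirect targets (so a trusted host cannot be used as an open redirect) and a scan that surfaces invisible Unicode characters in a prefilled prompt before it reaches a user or a model. The Python below is an added example, not code from the researchers, Anthropic or the report; the allowlisted hosts, the `/new` path and the `q` query parameter are assumptions, and every input string is constructed.

```python
import unicodedata
from urllib.parse import urlparse, parse_qs

# Assumed allowlist of hosts a redirect endpoint may forward to (constructed).
ALLOWED_REDIRECT_HOSTS = {"claude.ai", "www.anthropic.com"}

# Control characters that are legitimately part of normal text.
_ALLOWED_CONTROLS = {"\n", "\r", "\t"}


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_REDIRECT_HOSTS) -> bool:
    """Accept a redirect target only if it is https and its host is exactly allowlisted.

    Exact matching rejects lookalikes such as claude.ai.evil.example, and using
    the parsed hostname (not a prefix check) rejects userinfo tricks such as
    https://claude.ai@evil.example. Scheme-relative URLs (//host/...) have no
    scheme and are rejected too.
    """
    parsed = urlparse(target)
    if parsed.scheme != "https":
        return False
    host = (parsed.hostname or "").lower()
    return host in allowed_hosts


def _is_invisible(ch: str) -> bool:
    """True for characters a reader would not see: format characters (Cf, which
    covers zero-width spaces/joiners, soft hyphens, BOM and the Unicode TAG block)
    and control characters other than newline, carriage return and tab."""
    cat = unicodedata.category(ch)
    if cat == "Cf":
        return True
    return cat == "Cc" and ch not in _ALLOWED_CONTROLS


def find_invisible_chars(text: str):
    """Return a list of (index, codepoint, unicode_name) for invisible characters."""
    return [
        (i, ord(ch), unicodedata.name(ch, "<unnamed>"))
        for i, ch in enumerate(text)
        if _is_invisible(ch)
    ]


def strip_invisible(text: str) -> str:
    """Return the text as a reader would perceive it, with invisible characters removed."""
    return "".join(ch for ch in text if not _is_invisible(ch))


def inspect_prefilled_prompt(url: str, param: str = "q") -> dict:
    """Extract the prefilled prompt from a URL query parameter (assumed name 'q')
    and report whether it carries hidden content the user would not have seen."""
    query = parse_qs(urlparse(url).query)
    prompt = query.get(param, [""])[0]  # parse_qs already percent-decodes as UTF-8
    hits = find_invisible_chars(prompt)
    return {
        "prompt": prompt,
        "visible_prompt": strip_invisible(prompt),
        "invisible_count": len(hits),
        "suspicious": bool(hits),
    }


if __name__ == "__main__":
    # Constructed sample: a prefilled prompt with a zero-width space hidden inside.
    sample = "https://claude.ai/new?q=sum%E2%80%8Bmarize+my+chat"
    print(inspect_prefilled_prompt(sample))
    for t in ["https://claude.ai/chat", "https://claude.ai@evil.example/", "//evil.example/"]:
        print(t, "->", "allowed" if is_safe_redirect(t) else "blocked")
```

Running the module prints the inspection result for the constructed link and the allow/block decision for three redirect targets. A real deployment would log `find_invisible_chars` hits as an indicator of attempted prompt injection rather than silently stripping them, since the presence of format characters in a URL-supplied prompt is itself the signal.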
Scoring Rationale
High severity, confirmed by researchers and partially patched by Anthropic, but the exploit is vendor-specific and may not generalize broadly.
