Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Critical Vulnerability in Claude Cowork Sandbox Exposed

Critical Vulnerability in Claude Cowork Sandbox Exposed

Posted on July 2, 2026 By CWS

Security researchers have uncovered a significant vulnerability within Anthropic’s Claude Cowork, enabling attackers to gain elevated privileges and execute any command as root in the product’s Linux sandbox. This vulnerability compromises the multiple security layers Anthropic has integrated into the environment.

Understanding Claude Cowork and Its Security Framework

Designed for knowledge workers, Claude Cowork by Anthropic integrates Claude Code, enabling users without technical expertise to create tools and analyze data. On Windows, Claude Cowork operates within a Hyper-V-isolated Ubuntu virtual machine, protected by various security measures including Authenticode-gated RPC, bubblewrap namespaces, and a domain-restricted egress proxy.

Despite these defenses, research by Armadin demonstrated the possibility of executing arbitrary code as root within the VM, highlighting a critical flaw in the sandbox’s security framework.

Exploitation of the Sandbox Vulnerability

The vulnerability exploration focused on the Host Compute Service, which provisions an Ubuntu VM invisible to standard Hyper-V tools, and managed by the CoworkVMService. This service facilitates desktop connections via a named pipe hosting a JSON-based RPC server, authenticated through Authenticode signature checks.

Initial attempts to bypass these checks through signature manipulation failed, leading researchers to utilize DLL sideloading techniques. By manipulating the loading of USERENV.dll, Armadin achieved unauthorized code execution inside Claude Cowork, bypassing the identity verification process.

Impact and Implications of the Security Breach

Once gaining execution access, Armadin leveraged an AI coding agent to decode the RPC protocol, enabling further exploitation. By manipulating spawn parameters, researchers bypassed user checks and executed commands as root, highlighting critical flaws in user validation mechanisms.

This vulnerability, validated against Claude Desktop for Windows version 1.9255.2.0, underscores the potential risks associated with privilege escalation within sandboxed AI tools. It raises concerns about the effectiveness of current security models in preventing unauthorized access once initial execution is achieved.

While Anthropic’s threat model doesn’t prioritize local code execution as a significant risk, this discovery emphasizes the need for enhanced security measures in AI agent tools to protect against such vulnerabilities.

Cyber Security News Tags:AI tools, Anthropic, Claude Cowork, code execution, Cybersecurity, DLL Sideloading, network access, privilege escalation, root access, sandbox breach, sandbox security, security breach, security research, Vulnerability, Windows

Post navigation

Previous Post: Ousaban Malware Targets Iberian Banks with Phishing PDFs
Next Post: Hackers Exploit VLC to Deploy ValleyRAT Malware

Related Posts

AI-Powered Phishing and QR Code Threats Rise in 2025 AI-Powered Phishing and QR Code Threats Rise in 2025 Cyber Security News
CodeSign Secure v3.02: Future of Code Signing with PQC CodeSign Secure v3.02: Future of Code Signing with PQC Cyber Security News
Hackers Infiltrate VS Code Marketplace with 19 Malicious Extensions Posing as PNG File Hackers Infiltrate VS Code Marketplace with 19 Malicious Extensions Posing as PNG File Cyber Security News
Critical Chrome Security Flaws Allow Remote Code Execution Critical Chrome Security Flaws Allow Remote Code Execution Cyber Security News
ConnectWise to Rotate Code Signing Certificates for ScreenConnect, Automate and RMM ConnectWise to Rotate Code Signing Certificates for ScreenConnect, Automate and RMM Cyber Security News
Edge Extension Malware Exploits Chrome Protocol Edge Extension Malware Exploits Chrome Protocol Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Hackers Exploit VLC to Deploy ValleyRAT Malware
  • Critical Vulnerability in Claude Cowork Sandbox Exposed
  • Ousaban Malware Targets Iberian Banks with Phishing PDFs
  • Ransomware Groups Exploit Citrix Vulnerability
  • New Malware Campaign Exploits TryCloudflare and Python

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Hackers Exploit VLC to Deploy ValleyRAT Malware
  • Critical Vulnerability in Claude Cowork Sandbox Exposed
  • Ousaban Malware Targets Iberian Banks with Phishing PDFs
  • Ransomware Groups Exploit Citrix Vulnerability
  • New Malware Campaign Exploits TryCloudflare and Python

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark