Critical Vulnerability in GCP Dialogflow Allows Attackers to Inject Malicious Code

A critical vulnerability in Google Cloud Platform’s Dialogflow CX that lets attackers inject persistent malicious code into an organization’s AI-powered chatbot pipeline. The flaw, dubbed “Rogue Agent,” disclosed by Varonis Threat Labs, could silently exfiltrate conversations and enable large-scale phishing campaigns, requiring only a single edit permission to trigger. The exploit abused Playbook Code Blocks, […]

The post Critical Vulnerability in GCP Dialogflow Allows Attackers to Inject Malicious Code appeared first on Cyber Security News.

This article has been indexed from Cyber Security News

Read the original article: