
Critical Vulnerability in GCP Dialogflow Allows Attackers to Inject Malicious Code
A critical vulnerability in Google Cloud Platform’s Dialogflow CX that lets attackers inject persistent malicious code into an organization’s AI-powered chatbot pipeline. The flaw, dubbed “Rogue Agent,” disclosed by Varonis Threat Labs, could silently exfiltrate conversations and enable large-scale phishing campaigns, requiring only a single edit permission to trigger. The exploit abused Playbook Code Blocks, […]
The post Critical Vulnerability in GCP Dialogflow Allows Attackers to Inject Malicious Code appeared first on Cyber Security News.