Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots

Read full story on The Hacker News
Share
Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots
AI disclosure

Summary

A critical flaw in Google's Dialogflow CX could have let an attacker with edit rights on one Code Block-enabled agent compromise other Code Block-enabled agents in the same Google Cloud project. From there, they could read live conversations, steal the data users shared, and make the bots send attacker-written messages, including requests to re-enter a password. Security firm Varonis found it

Original reporting

Open original source

Related coverage

Read full article on The Hacker News

Get the AFBytes Brief

Major stories, AI-assisted analysis, and what to watch next. Free, monthly, unsubscribe anytime.