Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots

A critical flaw in Google’s Dialogflow CX could have let an attacker with edit rights on one Code Block-enabled agent compromise other Code Block-enabled agents in the same Google Cloud project.

From there, they could read live conversations, steal the data users shared, and make the bots send attacker-written messages, including requests to re-enter a password.

Security firm Varonis found it

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages

Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages Researchers found a flaw in Opera GX, the gaming-focused version of the Opera browser, that let a

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account

Humiliating IIS servers for fun and jail time

Humiliating IIS servers for fun and jail time Source: Hacker News