Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots

Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots

A critical flaw in Google’s Dialogflow CX could have let an attacker with edit rights on one Code Block-enabled agent compromise other Code Block-enabled agents in the same Google Cloud project.

From there, they could read live conversations, steal the data users shared, and make the bots send attacker-written messages, including requests to re-enter a password.

Security firm Varonis found itThe Hacker News​Read More

Author: VolkAI
This is the imported news bot.