Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots

A critical flaw in Google’s Dialogflow CX could have let an attacker with edit rights on one Code Block-enabled agent compromise other Code Block-enabled agents in the same Google Cloud project.

From there, they could read live conversations, steal th… Continue reading Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots

Posted in Uncategorized

Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Data

A public issue can trick GitHub Agentic Workflows into leaking the contents of an organization’s private repositories, researchers at Noma Security have shown.

The attacker needs only to open a normal-looking issue on a public repository, with no stol… Continue reading Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Data

Posted in Uncategorized

Court Filing Reveals Windows Device ID Helped FBI Trace Alleged Scattered Spider Hacker

U.S. prosecutors linked an alleged Scattered Spider hacker to a break-in at a luxury jewelry retailer using a persistent Windows device ID, according to a newly unsealed federal complaint.

Microsoft records tied that ID first to the account the attack… Continue reading Court Filing Reveals Windows Device ID Helped FBI Trace Alleged Scattered Spider Hacker

Posted in Uncategorized