The Hacker News

Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

ForcedLeak flaw in Salesforce Agentforce allows data exfiltration via indirect prompt injection; Salesforce issues patch.
SecurityWeek

Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited

New report outlines the Top 25 MCP vulnerabilities and how attackers could exploit AI agents, plus strategies for defense.
Security Boulevard

How Application Penetration Testing Prevents Real-World Breaches

Applications are prime targets for attackers, and breaches often start with a single vulnerability. Application penetration ...
CSO Online

Vulnerability in Salesforce AI could be tricked into leaking CRM data

Salesforce Agentforce allowed attackers to hide malicious instructions in routine customer forms, tricking the AI into ...
The Register on MSN

Prompt injection – and a $5 domain – trick Salesforce Agentforce into leaking sales

More fun with AI agents and their security holes A now-fixed flaw in Salesforce’s Agentforce could have allowed external ...