#genai-security

[ follow ]
fromThe Hacker News
3 days ago

Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

Cybersecurity researchers have disclosed a critical flaw impacting Salesforce Agentforce, a platform for building artificial intelligence (AI) agents, that could allow attackers to potentially exfiltrate sensitive data from its customer relationship management (CRM) tool by means of an indirect prompt injection. The vulnerability has been codenamed ForcedLeak (CVSS score: 9.4) by Noma Security, which discovered and reported the problem on July 28, 2025. It impacts any organization using Salesforce Agentforce with the Web-to-Lead functionality enabled.
Information security
Information security
fromThe Hacker News
1 month ago

Webinar: Why Top Teams Are Prioritizing Code-to-Cloud Mapping in Our 2025 AppSec

Code-to-cloud visibility detects security risks early across development and runtime, reducing breaches, costly fixes, and GenAI-related vulnerabilities.
[ Load more ]