A recent security vulnerability in Salesforce’s Agentforce, dubbed “ForcedLeak,” allowed external attackers to potentially steal sensitive customer data through prompt injection. Researchers discovered that a DNS misconfiguration enabled them to exploit the system using an expired domain they purchased for $5. Agentforce, designed for automating tasks with AI agents, faced a critical flaw, rated 9.4 on the CVSS scale, which could lead to unauthorized data access. Salesforce has since issued patches prohibiting AI agents from sending CRM data to untrusted URLs, enhancing security controls. The exploit illustrates the risks associated with AI-driven business tools lacking human oversight, where prompt injection introduces new attack vectors and social engineering targets. Salesforce emphasized the importance of proactive AI security and continues to collaborate with security experts to mitigate such vulnerabilities. This incident highlights a growing trend of AI security threats, underscoring the necessity for robust defenses against prompt injection attacks in AI systems.
Source link
