Back Issues This Week → Calendar → Current Issue → Popular →

All issuesVolume 340, Issue 2IT Vendor NewsVaronis

Rogue Agent: How a Single Code Block Could Hijack Your AI Conversations in Google's Dialogflow

Varonis, Tuesday, July 7th, 2026

Varonis Threat Labs disclosed a Dialogflow CX flaw letting attackers persist malicious code and exfiltrate conversations.

Varonis Threat Labs disclosed a critical vulnerability in Google Cloud Platform's Dialogflow CX service that let attackers inject persistent malicious code into agents' pipelines and silently exfiltrate conversations.

The flaw required only a single edit permission to compromise all agents within a project.

Google released an initial patch in April 2026 and fully resolved the issue by June 2026. No known exploitation occurred before the fix.

more →  ·  More from Varonis →