Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

Updated on September 25, 2025

Cybersecurity researchers have disclosed a critical flaw impacting Salesforce Agentforce, a platform for building artificial intelligence (AI) agents, that could allow attackers to potentially exfiltrate sensitive data from its customer relationship management (CRM) tool by means of an indirect prompt injection.
The vulnerability has been codenamed ForcedLeak (CVSS score: 9.4) by Noma Security,…

Read the rest of the story at Read More

Source: The Hacker News

January 11, 2024 Uncategorized

New PoC Exploit for Apache OfBiz Vulnera...

June 6, 2025 Uncategorized

Microsoft Helps CBI Dismantle Indian Cal...

November 21, 2024 Uncategorized

Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

Related posts

New PoC Exploit for Apache OfBiz Vulnera...

Microsoft Helps CBI Dismantle Indian Cal...

Over 145,000 Industrial Control Systems ...

Leave a Comment Cancel reply

Recent News

5 Critical Questions For Adopting an AI Security Solution

⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief

Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL