Tag: vulnerability reward program
2 articles

Google Dialogflow Flaw Lets Rogue Agents Hijack Chatbots
A security flaw in Google Dialogflow, dubbed "Rogue Agent," allowed hackers to hijack chatbots, but thankfully, a fix was rolled out after Varonis reported the issue through Google's Vulnerability Reward Program. The flaw was cleverly exploited through custom Code Blocks in Dialogflow CX, highlighting the importance of robust security measures in chatbot development.

Google Gemini on Android Exposed to Notification-Based Hijacking
Researchers have uncovered a vulnerability in Google Gemini on Android that allows hackers to hijack the assistant using a single hostile notification, no malicious app required. This shocking exploit lets anyone able to push a notification to a device deliver a payload and take control.