Data leak without a click. [Research Saturday]
CyberWire Daily13 Sep 2025

Data leak without a click. [Research Saturday]

Today we are joined by Amanda Rousseau, Principal AI Security Researcher from Straiker, discussing their work on "The Silent Exfiltration: Zero‑Click Agentic AI Hack That Can Leak Your Google Drive with One Email." Straiker’s research found that enterprise AI agents can be silently manipulated to leak sensitive data, even without user clicks or alerts. By chaining small gaps across tools like Gmail, Google Drive, and calendars, attackers achieved zero-click exfiltration, system mapping, and even policy rewrites. The findings highlight that excessive agent autonomy creates a new attack surface, requiring least-privilege design, runtime guardrails, and continuous red-teaming to stay secure. The research can be found here: The Silent Exfiltration: Zero‑Click Agentic AI Hack That Can Leak Your Google Drive with One Email Learn more about your ad choices. Visit megaphone.fm/adchoices

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(3653)

Spoofing ships, jamming drones: how GPS manipulation confuses and compromises. [T-Minus: Space-Cyber Briefing]

Spoofing ships, jamming drones: how GPS manipulation confuses and compromises. [T-Minus: Space-Cyber Briefing]

GPS constellations have become foundational in modern society supporting everything from navigation to financial services, making the impacts of GPS disruptions all the more concerning. As reliance o...

7 Juni 26min

You've been muted...permanently. [Research Saturday]

You've been muted...permanently. [Research Saturday]

Ismael Valenzuela, Arctic Wolf’s VP of Labs, Threat Research and Intelligence, discusses their work on "BlueNoroff Uses ClickFix, Fileless PowerShell, and AI-Generated Fake Zoom Meetings to Target Web...

6 Juni 21min

The NSA gets an AI upgrade.

The NSA gets an AI upgrade.

Anthropic brings Mythos to the NSA. A Palantir executive emerges as a possible CISA pick. A Linux flaw is under active attack. Minecraft malware goes commercial. An npm package gets caught in the Mias...

5 Juni 31min

Not every headhunter is hiring.

Not every headhunter is hiring.

The Five Eyes issue a rare joint warning on China. Jen Easterly weighs in on Trump’s AI EO. Researchers warn everyday notifications can become AI attack vectors. IronWorm is a sophisticated Rust-based...

4 Juni 30min

The AI race gets a referee.

The AI race gets a referee.

AI oversight arrives at the White House. A Cyber Force gains momentum. Critical infrastructure comes under cyberattack. Acer faces zero-day trouble. A stock exchange executive gets spied on for months...

3 Juni 31min

The bugs are piling up faster than the fixes.

The bugs are piling up faster than the fixes.

A federal watchdog questions NIST over its vulnerability database backlog. Google patches an Android zero-day. Citizen Lab exposes a powerful location-tracking platform. Malware hides commands in Stea...

2 Juni 30min

AI joins the chain of command.

AI joins the chain of command.

Battlefield AI sparks debate. Election cyber threats rise. A critical Windows flaw is under active attack. CISA weighs new reporting rules. Russian targets face a stealthy hacking campaign. A 19-year-...

1 Juni 29min

CyberWire Daily at 10: The evolution of ransomware. [Special Edition]

CyberWire Daily at 10: The evolution of ransomware. [Special Edition]

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner consider the tactics, trends, and turning points that shaped the threat landscape ...

31 Maj 22min

Populärt inom Politik & nyheter

svenska-fall
motiv
aftonbladet-krim
p3-krim
spar
aftonbladet-daily
flashback-forever
rss-sanning-konsekvens
rss-expressen-dok
rss-krimreportrarna
rss-vad-fan-hande
svd-ledarredaktionen
rss-frandfors-horna
rss-flodet
rss-aftonbladet-krim
politiken
dagens-eko
spotlight
olyckan-inifran
rss-krimstad