Researchers uncovered a security flaw in Salesforce’s shiny new Agentforce. The vulnerability, dubbed “ForcedLeak”, let them smuggle AI-read instructions in via a humble Web-to-Lead form… and ended up spilling data for the low, low price of five dollars.
And we discuss why data breach communications still default to “we take security seriously” while quietly implying “assume no breach” – until the inevitable walk-back.
Plus, we take a look at ITV’s phone-hacking drama with David Tennant, and take a crack at decoding the history of the Rosetta Stone.
Hear all this and more in episode 437 of the “Smashing Security” podcast by cybersecurity veteran Graham Cluley, joined this week by special guest Paul Ducklin.

Host:
Graham Cluley
Guest:
Paul Ducklin – @duckblog
Sponsored by:
- SecAlerts – SecAlerts makes your job easier by matching vulnerabilities to your software, using information as soon as it’s released. Use code SMASHING for 50% off a year subscription.
- ANON – Find, monitor and remove data about yourself online. Manage your digital footprint with ease. Use code SMASHING for a 25% discount.
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
Support the show:
You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.
Become a Patreon supporter for ad-free episodes and our early-release feed!
Follow us:
Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.
Thanks:
Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.