AI agent successfully phished in security test, exfiltrating corporate credentials and customer data
Varonis Threat Labs built an autonomous AI agent called Pinch with access to corporate email and business applications that was successfully deceived via phishing to share cloud credentials and customer data with external actors. The test demonstrated that current AI agents lack defenses against social engineering attacks targeting their access privileges.
Topics
Sources
- Press Read article
Go deeper
This intelligence is sourced automatically from public sources across the web and synthesised by the Prefactor AI pipeline. Stories are reviewed before publication.