AppOmni Finds Now Assist Agents Could Trigger Unauthorized Actions. ServiceNow’s Now Assist agents could be manipulated through second-order prompt injection, enabling unauthorized record changes and data exposure despite protections, shows new research from AppOmni. The issue stemmed from default configurations that allow agents to invoke each other.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/misconfigured-ai-agents-let-attacks-slip-past-controls-a-30068
