// Alert

Google Cloud threat report

Rogue Agent, a critical vulnerability in GCP Dialogflow CX disclosed by Varonis Threat Labs, allows attackers to inject persistent malicious code via Playbook Code Blocks. The flaw requires only dialogflow.playbooks.update permission and enables conversation exfiltration, phishing attacks, and credential theft. Code Block logic executed in a shared Cloud Run environment, permitting cross-agent compromise. Google received disclosure in November 2025, deployed an initial fix in April 2026, and fully resolved the issue by June 2026 with no confirmed prior exploitation.

// Get alerts for Google Cloud