Microsoft, Salesforce Patch AI Agent Data Leak Flaws

Wednesday, April 15, 2026 at 12:00 PM UTC·Source: Dark Reading

Updated: Wednesday, April 15, 2026 at 12:01 PM UTC

Executive Summary

Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data.

Analysis

Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data.

Source Attribution

Originally published by Dark Reading on Apr 15, 2026.

Related Threats

CRITICALData Breach

Flawed Cisco update threatens to stop APs from getting further patches

Cisco admins are scrambling to patch a critical flash memory overflow vulnerability in over 200 Cisco Systems IOS XE-based models of wireless access points (APs), caused by a recent flawed software update. If the issue is not corrected quickly, the AP’s memory will become so flooded that new software updates will be blocked and the AP rendered insecure, or possibly even bricked. The problematic li

6d agoCSO Online

HIGHData Breach

$3.75M Settlement Resolves Data Breach Lawsuit Against Chattanooga Heart Institute

Memorial Heart Institute, doing business as Chattanooga Heart Institute in Tennessee, was sued over a data breach in 2023. A […] The post $3.75M Settlement Resolves Data Breach Lawsuit Against Chattanooga Heart Institute appeared first on The HIPAA Journal .

Apr 17, 2026HIPAA Journal

HIGHData Breach

Illinois Bone and Joint Institute Settles Class Action Data Breach Lawsuit for $4M

Illinois Bone and Joint Institute (IBJI), one of the largest orthopedic group practices in Illinois, has agreed to settle a […] The post Illinois Bone and Joint Institute Settles Class Action Data Breach Lawsuit for $4M appeared first on The HIPAA Journal .

Apr 17, 2026HIPAA Journal