Vertex AI Agent Engine default permissions exposed a path to sensitive Google Cloud data

Security researchers say Google Cloud’s Vertex AI Agent Engine exposed a serious privilege risk through its default service agent model, allowing a deployed AI agent to extract service-agent credentials and pivot into sensitive resources. Palo Alto Networks Unit 42 said the issue let a malicious or compromised agent move beyond its intended task and read […] The post Vertex AI Agent Engine default permissions exposed a path to sensitive Google Cloud data appeared first on VPN Central.