Re: AI 'double agents'
By: Mike Powell to All on Thu Apr 02 2026 10:49 am
'What if the AI agent you just deplo
was secretly working against you?':
Vertex AI 'double agent' flaw expose
customer data and Google's internal
code
Date:
Wed, 01 Apr 2026 15:25:00 +0000
Description:
Misconfigured AI agents can lead to
data disclosure and other risks.
FULL STORY
Cloud misconfigurations are
one of the biggest causes of data
leaks, but now we have another form
misconfiguration to worry about - AI
agents.
Unit 42, Palo Altos cybersecurity ar
has revealed new analysis showing ho
an AI agent deployed in the Google
Cloud Platform (GCP) Vertex AI Agent
Engine can be turned into a double
agent - doing nefarious work while
appearing to serve its intended
purpose. Vertex AI is the main AI/ML
platform from Google Cloud, where
developers can build and deploy mach
learning models and generative AI ap
The Agent Engine is what turns model
into autonomous agents. However, Un
42 notes that if theyre not careful
with permissions, users can leave th
agents vulnerable to takeovers.
By exploiting a significant risk in
default permission scoping and
compromising a single service agent,
reveal how the Vertex AI permission
model can be misused, leading to
unintended consequences, the report
states.
The researchers first deployed a cus
AI agent using Vertex AIs ADK in a
controlled environment and then
discovered that the agents default
service account (P4SA) had excessive
permissions.
Then, using a custom-built malicious
tool , they were able to extract
service agent credentials from the
metadata service, and then use those
pivot into the consumer project. Thi
gave them unrestricted read access t
all Cloud Storage data, as well as t
producer (Google-managed) environmen
This exposed restricted Artifact
Registry repositories, allowing the
researchers to download private
container images, enumerate internal
resources and inspected artifacts, a
reveal proprietary source code and
internal infrastructure details.
"Gaining access to this proprietary
code not only exposes Google's
intellectual property but also provi
an attacker with a blueprint to find
further vulnerabilities," the
researchers explained in the paper.
In response, Google updated its
documentation, to better explain how
Vertex
AI uses resources, accounts, and
agents. The company is now recommend
customers use Bring Your Own Service
Account (BYOSA) to replace the defau
ones.
Link to news story: https://www.tech
ar.com/pro/security/what-if-the-ai-a
t-you-just-deployed- was-secretly-wo
ng-against-you-vertex-ai-double-agen
law-exposes-customer-
data-and-googles-internal-code
$$
It is really something that the
Conspiracy board is just full of real
news stories, where I'd wager once
upon a time this was UFO theories and
pothead plots. What a time now live in.
Interesting times, indeed.
--Just Post, World Is A Fuck!--
This Quality Shit-Post Brought
To You Via Commodore 64 Ultimate
--- SBBSecho 3.37-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)