
Capsule Security Launches AI‑Agent Runtime Protection Platform After Uncovering Critical Prompt‑Injection Flaws in Microsoft Copilot Studio and Salesforce Agentforce

Capsule Security raised $7 M to protect AI agents from manipulation and data exfiltration, and disclosed two zero‑day prompt‑injection vulnerabilities (ShareLeak in Microsoft Copilot Studio and PipeLeak in Salesforce Agentforce). The findings highlight a new privileged‑user risk vector for enterprises relying on AI agents.

LiveThreat™ Intelligence · 📅 April 16, 2026 · 📰 helpnetsecurity.com

Severity: High · Type: ThreatIntel · Confidence: High · Affected: 3 sector(s) · Actions: 4 recommended · Source: helpnetsecurity.com

What Happened – Capsule Security emerged from stealth with a $7 M seed round and introduced a runtime‑monitoring platform that blocks AI agents from misbehaving, exfiltrating data, or being hijacked. The company also disclosed two zero‑day prompt‑injection vulnerabilities – ShareLeak (CVE‑2026‑21520) in Microsoft Copilot Studio and PipeLeak in Salesforce Agentforce – and released an open‑source enforcer, ClawGuard, to mitigate them.

Why It Matters for TPRM

  • AI agents are rapidly becoming privileged, machine‑speed actors in enterprise environments; their unchecked behavior creates a new attack surface.
  • Unpatched prompt‑injection flaws can lead to data leakage, credential theft, or unauthorized actions across critical business systems.
  • Vendors that embed AI agents (e.g., low‑code platforms, SaaS providers) must now assess runtime controls, not just traditional perimeter security.

Who Is Affected – Technology SaaS vendors, cloud‑hosted AI platforms, low‑code/no‑code development tools, and any organization that integrates AI agents into production workflows (finance, healthcare, retail, etc.).

Recommended Actions

  • Inventory all AI‑agent integrations and map their privileged access.
  • Verify that vendors have runtime‑monitoring or prompt‑validation controls similar to Capsule’s offering.
  • Patch any disclosed prompt‑injection CVEs immediately; apply vendor‑provided mitigations (e.g., ClawGuard).
  • Incorporate AI‑agent behavior testing into your third‑party security assessments.

Technical Notes

  • Attack vector: Prompt‑injection (indirect command injection) via untrusted inputs to AI agents.
  • CVE‑2026‑21520: Critical severity in Microsoft Copilot Studio, patched after disclosure.
  • PipeLeak: Similar injection flaw in Salesforce Agentforce, currently under coordinated disclosure.
  • Mitigation: Capsule’s ClawGuard inserts a pre‑invocation checkpoint; runtime policy enforcement limits data access and command execution.
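As an added illustration of the pre‑invocation checkpoint pattern the mitigation note describes (this is not ClawGuard's or Capsule's code, and the agent runtime is not on the page), the sketch below places a policy check in front of every tool call: tools outside an allowlist are refused, and data whose provenance includes untrusted content (retrieved documents, shared records) may not be sent to recipients outside a constructed set of trusted domains. `ToolCall`, `Decision`, the allowlist and the domain set are all hypothetical.

```python
from dataclasses import dataclass, field

# Hypothetical runtime policy: which tools the agent may invoke at all,
# and which destinations count as inside the tenant (constructed values).
ALLOWED_TOOLS = {"search_records", "send_email", "run_flow"}
TRUSTED_DOMAINS = {"example-corp.internal"}

@dataclass
class ToolCall:
    tool: str
    args: dict
    # Trust labels of the content the arguments were built from.
    # The runtime tags anything read from shared/external sources "untrusted".
    provenance: set = field(default_factory=set)

@dataclass
class Decision:
    allowed: bool
    reason: str

# Every decision is recorded so denials can feed detection/alerting.
AUDIT: list = []

def _is_external(recipient: str) -> bool:
    """True when an e‑mail recipient's domain is outside the tenant."""
    domain = recipient.rsplit("@", 1)[-1].strip().lower()
    return domain not in TRUSTED_DOMAINS

def check(call: ToolCall) -> Decision:
    """Pre‑invocation checkpoint: decide before the tool actually runs."""
    if call.tool not in ALLOWED_TOOLS:
        decision = Decision(False, f"tool '{call.tool}' not in allowlist")
    elif call.tool == "send_email" and _is_external(call.args.get("to", "")) \
            and "untrusted" in call.provenance:
        # Exfiltration guard: untrusted‑derived content must stay inside the tenant.
        decision = Decision(False, "untrusted-derived data to external recipient")
    else:
        decision = Decision(True, "ok")
    AUDIT.append((call.tool, decision.allowed, decision.reason))
    return decision

def denied_count() -> int:
    """Number of blocked invocations seen so far (for dashboards/alerts)."""
    return sum(1 for _, allowed, _ in AUDIT if not allowed)

if __name__ == "__main__":
    # Constructed calls: one legitimate lookup, one exfiltration attempt.
    print(check(ToolCall("search_records", {"q": "invoice 42"})))
    print(check(ToolCall("send_email", {"to": "x@outside.example"}, {"untrusted"})))
    print("denied:", denied_count())
```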

Source: Help Net Security

📰 Original Source
https://www.helpnetsecurity.com/2026/04/15/capsule-security-platform/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.
