First, secure AI with @NomaSecurity / Current: Noma Security VP of marketing; Yinzer; Girl dad x5. / Former: Vulcan Cyber; SaltStack; ServiceNow; Altiris.
Joined March 2008
- Tweets 7,756
- Following 408
- Followers 1,955
- Likes 246
159 Photos and videos
Rhett Glauser retweeted
2 Oct 2025
We're kicking off this year's #CloudSecNextSummit w/ keynote speaker Diana Kelley (CISO of Noma Security)! It's not too late to join us Live Online for incredible #CloudSecurity sessions.
Register Now: sans.org/u/1AhD
2
2
384
Rhett Glauser retweeted
26 Sep 2025
There's an extremely good write up by @NomaSecurity (and @sasi2103) about a Salesforce Prompt Injection vuln which led to leaking customer data zero-click via prompt injection into image tag generation.
Link and my breakdown of it below:
2
26
174
13,308
ForcedLeak: AI Agent risks exposed in Salesforce AgentForce - noma.security/blog/forcedlea⦠By @sasi2103
This research outlines how @NomaSecurity discovered ForcedLeak, a critical severity (CVSS 9.4) vulnerability chain in Salesforce Agentforce that could enable external attackers to exfiltrate sensitive CRM data through an indirect prompt injection attack. This vulnerability demonstrates how AI agents present a fundamentally different and expanded attack surface compared to traditional prompt-response systems.Β
#ForcedLeak #AgenticAI #SalesforceAgentforce #PromptInjection #IndirectPromptInjection #DataExfiltration #NomaSecurity #NomaLabs #ContentSecurityPolicy #Salesforce #AIAgentSecurity #AISecurity
5
16
778
Rhett Glauser retweeted
25 Sep 2025
Critical agentic vulnerability in Salesforce Agentforce π¨
Vuln found and announced by @NomaSecurity
CVSS score 9.4
By exploiting an indirect prompt injection attack vector and registering a $5 domain Noma was able to exfiltrate CRM data
Hereβs what you need to know π§΅
2
3
13
640
Rhett Glauser retweeted
24 Apr 2025
Our research team showcases a case where a malicious MCP uses invisible Unicode characters to hide malicious instructions. π¨βπ π₯Ά π
linkedin.com/posts/sasi-leviβ¦
1
6
28
4,118
Rhett Glauser retweeted
15 Nov 2023
Vulcan Cyber, which scans software for security vulnerabilities, lands $55M cash infusion tcrn.ch/3MM2iRH by @kyle_l_wiggers
5
5
23,924
Rhett Glauser retweeted
22 Aug 2023
Vulcan Cyber is coming to @BlueTeamCon πΎ
Find our dream team this weekend at booth #9, 2nd floor.
8
6
805
Rhett Glauser retweeted
16 Aug 2023
CVE lab alert π¬
Say hello to CVE-2023-39143, a critical RCE discovered and addressed in PaperCut servers.
vulcan.io/blog/how-to-fix-thβ¦
8
2
356
Rhett Glauser retweeted
14 Aug 2023
Iβm very proud that "The Silk Factory" was awarded the International Impact Book Awards 2023 for Memoirs! This award reflects the generational impact of trauma and the importance of atonement in the healing process.
You can now order your copy here: mybook.to/TKM2XN
1
1
159
Rhett Glauser retweeted
10 Aug 2023
πThe future of vulnerability prioritization is here, see for yourself on August 24th >> brighttalk.com/webcast/17864β¦
7
2
216
Rhett Glauser retweeted
7 Aug 2023
A security vulnerability discovered in Cisco, with a score of 9.1, that could be exploited by an unauthenticated remote attacker that could gain read permissions or limited write permissions? That's harsh. π₯
vulcan.io/blog/how-to-fix-cvβ¦
7
2
186
Rhett Glauser retweeted
3 Aug 2023
Vulcan Cyber is proud to introduce APG π
vulcan.io/blog/announcing-thβ¦
7
3
154
Rhett Glauser retweeted
3 Aug 2023
Vulnerability management can be a daunting task, especially when the focus is scattered. @VulcanCyber's new graph tool emphasizes the necessity of targeted defense strategies. bit.ly/45fl1eX
#AttackSurface #CyberSecurity #ASM
9
2
339
Rhett Glauser retweeted
2 Aug 2023
SSVC has been challenging CVSS for the vulnerability decision-making primary method. π―
Learn all about it in our recent blog >> vulcan.io/blog/the-ssvc-riskβ¦
ALT CVSS, EPSS, SSVC comparison table. Comparing the vulnerability prioritization methods.
8
2
147
Rhett Glauser retweeted
1 Aug 2023
Owning cyber risk is no easy task.
Fear not - Vulcan Cyber to the rescue! π¦Ύ check out our bi-weekly Linkedin newsletter >> linkedin.com/feed/update/urnβ¦
8
1
143
Rhett Glauser retweeted
31 Jul 2023
ποΈ The latest and greatest cyber risk stories from July 2023, right here >> linkedin.com/posts/vulcancybβ¦
ALT Cyber news July 2023, Vulcan cyber news. Cyber risk updates
7
2
142
Rhett Glauser retweeted
27 Jul 2023
π± CVE-2023-3519, a critical zero-day vulnerability in Citrix NetScaler, is currently being exploited by attackers.
Here's what you need to know >> vulcan.io/blog/unpacking-cveβ¦
8
2
549
27 Jul 2023
More #vulnerability prioritization and remediation insights from @VulcanCyber gag.gl/yj149Q?activity_id=41β¦
79
Rhett Glauser retweeted
25 Jul 2023
Good morning to that one guy who forgot to handle SQL injections π
3
9
5
719