As organizations rapidly deploy AI agents, understanding the unique attack surface they create is critical for security leaders. This session examines recent attacks as in the ForcedLeak vulnerability discovered in Salesforce Agentforce. Sharing examples of how attackers are leveraging content security policy weaknesses, indirect prompt injection, and human-AI interaction patterns to extract and exfiltrate sensitive enterprise data. Discuss what a complete attack chain can look like and reveal practical lessons to protect critical security boundaries. Attendees will gain actionable guidance for securing agentic AI and understanding the expanded threat landscape that autonomous AI agents introduce to enterprise environments.