Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...
Dark Reading

Copilot 'SearchLeak' Attack Allows 1-Click Data Theft

The critical, three-stage attack is now patched, but it's part of a new group of AI prompt-injection issues that use hidden ...

This Copilot vulnerability could expose emails, 2FA codes, and other sensitive data

This sneaky attack tricks Microsoft's AI assistant to hand over your data.
CPO Magazine

“SearchLeak” Copilot Vulnerability Chain Turns the AI Assistant Into a Data Theft Partner

The Copilot vulnerability chain requires three steps, two of which are old-fashioned injections and request forgeries. But ...
InfoQ

Azure Functions Ships Serverless Agents Runtime at Build 2026

Azure Functions shipped a serverless agents runtime in public preview at Build 2026. Agents are defined in .agent.md markdown ...

Hackers turn Microsoft 365 Copilot into a one-click data theft tool

Varonis found a way to chain three bugs into one exploit that can lead to data exfiltration.
WinBuzzer

Microsoft Patches Copilot SearchLeak Data-Theft Flaw

Microsoft has patched a Copilot flaw after researchers showed a one-click chain that could expose two-factor codes and ...