Tag: microsoft 365 copilot
4 articles

Microsoft 365 Copilot Exploited in 1-Click Data Theft Attack
A critical vulnerability in Microsoft 365 Copilot Enterprise, known as SearchLeak, could be exploited with just one click to steal sensitive data from mailboxes, OneDrive, and SharePoint. Fortunately, Microsoft has patched the flaw, CVE-2026-42824, and no user action is required to stay safe.

Sneaky Mermaid attack: Exclusive Copilot data breach alert
A clever Sneaky Mermaid indirect prompt injection showed how hidden instructions buried in files could trick Microsoft 365 Copilot into leaking tenant data. Microsoft says it patched this specific flaw, but security teams warn the broader risk of stealthy, embedded prompt attacks is far from over.

Microsoft 365 Copilot Exclusive: Dangerous Mermaid Attack
The Mermaid attack revealed how a hidden prompt in an otherwise harmless file could trick Microsoft 365 Copilot into spilling emails and attachments. Microsoft patched the gap, but the episode is a clear reminder that giving AI broad access can turn convenience into a new, exploitable data risk.

Sneaky Mermaid attack: Exclusive critical Copilot leak
Researchers uncovered a Sneaky Mermaid trick that hid malicious instructions inside ordinary files to make Microsoft 365 Copilot leak tenant emails and attachments. Microsoft patched the specific vector, but the episode is a wake-up call about how AI assistants can be manipulated and why teams must shore up their digital defenses.