New attack turned Microsoft 365 Copilot into 1-click data theft tool
Key Points:
- A critical vulnerability chain named SearchLeak in Microsoft 365 Copilot Enterprise could enable attackers to steal sensitive data from mailboxes, OneDrive, or SharePoint by exploiting a specially crafted URL.
- The attack combines three flaws: a parameter-to-prompt injection, an HTML rendering race condition, and a content-security-policy bypass via Bing server-side request forgery (SSRF), allowing exfiltration of emails, calendar events, and documents.
- The exploit works by tricking users into clicking a link that instructs Copilot to search their data and embed stolen information in an image URL, which Bing then unwittingly fetches, bypassing security protections.
- Microsoft has addressed the vulnerability under CVE-2026-42824 with a critical severity rating, and no user action is needed to mitigate the threat.
- Researchers highlight that AI systems like Copilot can amplify the impact of traditional bugs such as SSRF and HTML injection by enabling novel attack chains through prompt injection.
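The exfiltration step in the chain above relies on the assistant rendering an image whose URL carries data and a trusted fetcher loading it. As an added example (not Microsoft's code and not the researchers' exploit), the Python below is a renderer-side guard that inspects image references in model output before display, refusing non-allowlisted hosts, oversized query strings, and URLs that point a trusted host at an untrusted one; the allowlist and the sample output are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: hosts the assistant UI may load images from (a tenant allowlist, not a real Microsoft setting).
ALLOWED_IMAGE_HOSTS = {"res.cdn.office.net", "contoso.sharepoint.com"}
MAX_QUERY_BYTES = 128  # image loads rarely need long query strings; longer ones may carry data
IMG_MARKDOWN = re.compile(r"!\[[^\]]*\]\(([^)\s]+)\)")
IMG_HTML = re.compile(r"<img\b[^>]*>", re.IGNORECASE)
SRC_ATTR = re.compile(r"\bsrc\s*=\s*['\"]?([^'\"\s>]+)", re.IGNORECASE)

def classify_image_url(url):
    """Return (allowed, reason) for one image URL found in model output."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False, "non-https scheme"
    host = parts.hostname or ""
    if host not in ALLOWED_IMAGE_HOSTS:
        return False, f"host not allowlisted: {host}"
    if len(parts.query) > MAX_QUERY_BYTES:
        return False, "oversized query string (possible data exfiltration)"
    # A trusted host acting as a fetch proxy must not be pointed at an untrusted one.
    for values in parse_qs(parts.query, keep_blank_values=True).values():
        for value in values:
            nested = urlsplit(value)
            if nested.scheme in ("http", "https") and (nested.hostname or "") not in ALLOWED_IMAGE_HOSTS:
                return False, f"proxied fetch of non-allowlisted host: {nested.hostname}"
    return True, "ok"

def sanitize_assistant_output(text):
    """Replace every image reference that fails policy; return (clean_text, findings)."""
    findings = []
    def _check(match):
        if match.re is IMG_MARKDOWN:
            url = match.group(1)
        else:  # HTML tag: pull the src attribute out of the whole tag
            src = SRC_ATTR.search(match.group(0))
            url = src.group(1) if src else ""
        allowed, reason = classify_image_url(url)
        if allowed:
            return match.group(0)
        findings.append((url, reason))
        return "[image blocked]"
    text = IMG_MARKDOWN.sub(_check, text)
    text = IMG_HTML.sub(_check, text)
    return text, findings

# Constructed sample of assistant output: one legitimate logo, one suspicious tag.
SAMPLE_OUTPUT = ("Here is your summary.\n![logo](https://res.cdn.office.net/logo.png)\n"
                 '<img src="https://attacker.invalid/p.png?d=' + "A" * 200 + '">\n')
```

Calling `sanitize_assistant_output(SAMPLE_OUTPUT)` keeps the logo and replaces the second tag with `[image blocked]`, returning the reason alongside so it can be logged for detection.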