fromZDNET
1 week agoHow a simple link allowed hackers to bypass Copilot's security guardrails - and what Microsoft did about it
Reprompt impacted Microsoft Copilot Personal and, according to the team, gave "threat actors an invisible entry point to perform a data‑exfiltration chain that bypasses enterprise security controls entirely and accesses sensitive data without detection -- all from one click." No user interaction with Copilot or plugins was required for this attack to trigger. Instead, victims had to click a link.
Information security