Caging Copilot: Lessons Learned in LLM Security
ID: 15acfcb0-f471-578d-9f30-428d5142e382
STIX ID: report--15acfcb0-f471-578d-9f30-428d5142e382
Feed Name: Black Hills Infosec Blog
This report recounts smoke-testing Microsoft Copilot in enterprise and business contexts. It demonstrates that an attacker with a compromised account can use Copilot to locate sensitive files, summarize emails and Teams messages, suggest phishing content, and reveal confidential details wherever the user's permissions allow. The author emphasizes mitigation via Zero Trust, RBAC, DLP, monitoring, and least-privilege access.
