Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
ID: 47bfe716-4ddf-5ed3-99f8-fae0ddeaa527
STIX ID: report--47bfe716-4ddf-5ed3-99f8-fae0ddeaa527
Feed Name: Dark Reading
Threat Score
Varonis disclosed 'SearchLeak', a parameter-to-prompt injection vulnerability (CVE-2026-42824) in Microsoft 365 Copilot that could allow attackers to exfiltrate emails, MFA codes, and internal files via crafted Copilot search links; Microsoft has patched the issue. The report explains how attackers abuse image tags and Bing's server-side fetch to bypass guardrails and warns this represents a broader class of risks in LLM-powered enterprise assistants.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
