logo

Copilot 'SearchLeak' Attack Allows 1-Click Data Theft

ID: 47bfe716-4ddf-5ed3-99f8-fae0ddeaa527

STIX ID: report--47bfe716-4ddf-5ed3-99f8-fae0ddeaa527

Feed Name: Dark Reading

Threat Score
65/100

Date Published: 2026-06-15

Date Updated: 2026-06-16

Author: Alexander Culafi

...
...

Varonis disclosed 'SearchLeak', a parameter-to-prompt injection vulnerability (CVE-2026-42824) in Microsoft 365 Copilot that could allow attackers to exfiltrate emails, MFA codes, and internal files via crafted Copilot search links; Microsoft has patched the issue. The report explains how attackers abuse image tags and Bing's server-side fetch to bypass guardrails and warns this represents a broader class of risks in LLM-powered enterprise assistants.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.