CoPhish: Using Microsoft Copilot Studio as a wrapper for OAuth phishing
ID: 12ebf928-c31b-5ce0-a74a-18744a710bbd
STIX ID: report--12ebf928-c31b-5ce0-a74a-18744a710bbd
Feed Name: Datadog Security Labs
Datadog Security Labs demonstrates a novel OAuth consent phishing technique that leverages Microsoft Copilot Studio agents: an attacker configures a malicious or externally registered OAuth application and backdoors the agent's system sign-in topic to forward the victim's User.AccessToken to an attacker-controlled endpoint. The report documents attack scenarios against unprivileged users and Application Administrators (allowing delegated Microsoft Graph access such as Mail.ReadWrite, Mail.Send, Notes.ReadWrite or broader scopes), shows an example token capture, and recommends mitigations and monitoring: stronger application consent policies, restricted app registration, and auditing of Copilot Studio and Entra ID logs.
