Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Tech » Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

2 days ago venturebeat
Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520, a CVSS 7.5 indirect prompt injection vulnerability, to Copilot Studio. Capsule Security ...

1