How a simple link allowed hackers to bypass Copilot's security guardrails - and what Microsoft did about it

Follow ZDNET: Add us as a preferred source on Google.

ZDNET's key takeaways

• Dubbed "Reprompt," the attack used a URL parameter to steal user data.
• A single click was enough to trigger the entire attack chain.
• Attackers could pull sensitive Copilot data, even after the window closed.

Researchers have revealed a new attack that required only one click to execute, bypassing Microsoft Copilot security controls and enabling the theft of user data.

Also: How to remove Copilot AI from Windows 11 today

Meet Reprompt

On Wednesday, Varonis Threat Labs published new research documenting Reprompt, a new attack method that affected Microsoft's Copilot AI assistant.

Reprompt impacted Microsoft Copilot Personal and, according to the team, gave "threat actors an invisible entry point to perform a data‑exfiltration chain that bypasses enterprise security controls entirely and accesses sensitive data without detection -- all from one ...