Your Copilot data can be hijacked with a single click - here's how
zdnet.com
Follow ZDNET: Add us as a preferred source on Google.
ZDNET's key takeaways
- Dubbed "Reprompt," the attack used a URL parameter to steal user data.
- A single click was enough to trigger the entire attack chain.
- Attackers could pull sensitive Copilot data, even after the window closed.
Researchers have revealed a new attack that requires only one click to execute, bypassing Microsoft Copilot security controls and enabling the theft of user data.
Also: How to remove Copilot AI from Windows 11 today
Meet Reprompt
On Wednesday, Varonis Threat Labs published new research documenting Reprompt, a new attack method that impacts Microsoft's Copilot AI assistant.
Reprompt impacts Microsoft Copilot Personal and, according to the team, "gives threat actors an invisible entry point to perform a data exfiltration chain that bypasses enterprise security controls entirely and accesses sensitive data without detection -- all from ...
Copyright of this story solely belongs to zdnet.com . To see the full text click HERE