Vulnerabilities
Jun 15, 2026
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
Copilot 'SearchLeak' attack allowed 1-click data theft via prompt injection.
Summary
Microsoft has patched a critical vulnerability in Copilot, dubbed 'SearchLeak', that allowed attackers to steal data with a single click. The attack relied on prompt injection, leveraging hidden URLs and other variables to trick the AI into revealing sensitive information. This incident highlights a growing class of vulnerabilities targeting AI systems.
Entities
Copilot (product), Microsoft (vendor), AI prompt-injection (technology)