[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:one-click-microsoft-365-copilot-flaw-could-have-let-attackers-steal-emails-files-mqgydyav":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":12,"action_required":17,"article_ids":18,"ioc_summary":20,"source_urls":21,"status":23,"expires_at":24,"created_at":25,"updated_at":26,"articles":27},"c2adf989-4a99-4696-97c9-f01f493fd139","One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes","one-click-microsoft-365-copilot-flaw-could-have-let-attackers-steal-emails-files-mqgydyav","A critical vulnerability in Microsoft 365 Copilot Enterprise Search allowed attackers to steal emails, files, and MFA codes through a single malicious click. The attack chained three bugs, including prompt injection, and used Bing image search requests to exfiltrate data, bypassing standard security controls. All M365 Copilot Enterprise users should be considered affected until backend mitigations are verified.","critical","advisory",[],[13,14,15,16],"Microsoft 365 Copilot Enterprise Search","Microsoft","Copilot Personal","Varonis Threat Labs","Immediately audit M365 Copilot Enterprise access logs for suspicious Bing image search requests and anomalous data access patterns. Cross-reference the findings with email and file exfiltration indicators. Escalate any suspicious activity for credential review and MFA reset.",[19],"dfeb0510-384f-47c4-b9bf-bb0eb2e6dbaf",null,[22],"https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fone-click-microsoft-365-copilot-flaw.html","active","2026-06-18T18:06:02.775+00:00","2026-06-16T18:06:07.665595+00:00","2026-06-16T18:06:53.302934+00:00",[28],{"id":19,"title":6,"url":22}]