Microsoft Copilot Cowork Exfiltrates Files
Source: News.Ycombinator
Published:
<p>Microsoft Copilot Cowork is vulnerable to file exfiltration attacks via indirect prompt injection as a result of insecure automatic action approvals for sending Emails and Teams messages.</p> <p>This attack achieved a high success rate against state-of-the-art models, including Claude Opus 4.7.</