Microsoft Copilot Data Theft via Reprompt Attack Exploit

Microsoft Copilot Data Theft via Reprompt Attack Exploit

First seen 15 Jan 2026, 18:00 UTC WindowscentralItnews.AuFeeds.FeedburnerBlog.MalwarebytesScworld+4 78% similarity 32.0

Article Content

Browse articles
ThreatCluster

Researchers revealed a security exploit in Microsoft Copilot that allowed attackers to steal user data through a single malicious link. This 'Reprompt' attack bypassed data leak protections and enabled session exfiltration even after the Copilot chat was closed. A patch has been released to address this vulnerability.

ThreatCluster AI

Community

Browse all →