Blog.Malwarebytes
Microsoft Copilot Data Theft via Reprompt Attack Exploit
First seen 15 Jan 2026, 18:00 UTC
•



+4
•78% similarity
•32.0
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Researchers revealed a security exploit in Microsoft Copilot that allowed attackers to steal user data through a single malicious link. This 'Reprompt' attack bypassed data leak protections and enabled session exfiltration even after the Copilot chat was closed. A patch has been released to address this vulnerability.
ThreatCluster AI