Copilot Studio is a technology platform tracked across 4 threat clusters and 8 intelligence report mentions on ThreatCluster. First observed December 11, 2025; most recent activity April 15, 2026.
Microsoft and Salesforce have patched serious prompt injection vulnerabilities in their AI platforms, Copilot Studio and Agentforce, respectively. Capsule Security identified these flaws, allowing attackers to…
Security researchers at Zenity Labs have identified critical design flaws in Microsoft’s Copilot Studio, specifically in the newly introduced Connected Agents feature. These vulnerabilities enable attackers to…
Tenable's research shows that Microsoft Copilot Studio's no-code AI agents can be exploited through prompt injection attacks, resulting in data leakage and financial fraud. This vulnerability affects organizations using…
AI agents can be manipulated by attackers to generate URLs that leak sensitive data through link previews in messaging apps. This vulnerability was identified by AI security firm PromptArmor, highlighting the risks…