A single click mounted a covert, multistage attack against Copilot

Found 1 hour ago ago at Arstechnica

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data with a single click on a URL. The hackers in this case were white hat researchers from security firm Varonis . The net effect of their multistage attack was that they exfiltrated data, including the targets name, location, and details of specific events from the users Copilot chat history. The attack continued to run even when the user closed the Copilot chat, with no...

Read the full article at Arstechnica

More General News

A single click mounted a covert, multistage attack against Copilot

Found 1 hour ago at Arstechnica

US gov’t: House sysadmin stole 200 phones, caught by House IT desk

Found 2 hours ago at Arstechnica

What Happens When PC Memory Prices Are Too Much to Handle?

Found 5 hours ago at Gizmodo

British Police Used Microsoft Copilot for Faulty Report That Led to Ban on Soccer Team Fans

Found 8 hours ago at Gizmodo

Deny, deny, admit: UK police used Copilot AI “hallucination” when banning football fans

Found 8 hours ago at Arstechnica