Codex Exfiltrates Connector Data
Researchers at PromptArmor demonstrated that a malicious email could manipulate OpenAI's Codex for Everything to exfiltrate the complete contents of other emails via an indirect prompt injection, send…
Researchers at PromptArmor demonstrated that a malicious email could manipulate OpenAI's Codex for Everything to exfiltrate the complete contents of other emails via an indirect prompt injection, send…
On May 27, 2026, security firm PromptArmor disclosed that ChatGPT for Google Sheets, an OpenAI extension with over 185,000 downloads, could be exploited to exfiltrate user spreadsheets through a singl…
Microsoft Copilot Cowork, a Microsoft 365 feature, is vulnerable to file exfiltration attacks through indirect prompt injection, as it automatically approves actions like sending emails and Teams mess…
Microsoft Copilot Cowork contains a vulnerability that allows attackers to exfiltrate files through indirect prompt injection attacks. The flaw exploits the system's broad permissions, enabling unauth…