17:09
2026-06-15
letsdatascience.com
ai-safety
Researchers Reveal One-Click Microsoft 365 Copilot Data-Exfiltration Flaw
Varonis Threat Labs disclosed a critical one-click data-exfiltration vulnerability in Microsoft 365 Copilot Enterprise Search, tracked as CVE-2026-42824. The attack chains a parameter-to-prompt injectβ¦