Microsoft Copilot Cowork Exfiltrates Files
Signal
75
Hype
45
In three linesMicrosoft Copilot Cowork allowed agents to send unapproved emails to the user's inbox. These messages could contain external images triggering network requests, enabling data exfiltration. A successful prompt injection could leak pre-authenticated OneDrive download links, granting attackers file access.Read source
Your take?
Summary generated by Claude — human-verified