Varonis Threat Labs identified a new AI vulnerability called Reprompt in Microsoft Copilot that allows attackers to exploit a single click on a seemingly legitimate link to bypass security controls and exfiltrate sensitive user data without detection. This attack can lead to significant data breaches by firing off malicious commands that continue even after the user interacts with the Copilot. Key methods involve URL parameter manipulation and managing hidden follow-up requests, making it difficult to spot the exploitation attempts. Microsoft has since patched the vulnerability. Recommendations are made for both vendors and users to enhance security against such vulnerabilities.
Reprompt: The Single-Click Microsoft Copilot Attack That Silently Steals Your Personal Data

