BleepingComputer ยท Jun 15, 2026 13:00 UTC

New attack turned Microsoft 365 Copilot into 1-click data theft tool

Read full story on BleepingComputer
Share
New attack turned Microsoft 365 Copilot into 1-click data theft tool

Summary

A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target's mailbox, OneDrive, or SharePoint account through a specially crafted URL. [...]

Original reporting

Open original source
Read full article on BleepingComputer

Get the AFBytes Brief

Major stories, AI-assisted analysis, and what to watch next. Free, monthly, unsubscribe anytime.