Varonis Threat Labs’ proof‑of‑concept shows that a deceptively small convenience — allowing Microsoft Copilot to accept a prefilled prompt from a URL — could be chained into a practical, one‑click data‑exfiltration technique that targeted Copilot Personal and could, under lab conditions, siphon...
A deceptively small design choice — allowing Copilot to accept a prefilled prompt from a URL — has been chained into a practical, one‑click data‑exfiltration technique that bypassed Copilot Personal safeguards and let an attacker quietly siphon profile data, file summaries and conversational...
A new, deceptively simple attack named “Reprompt” has exposed a critical weakness in Microsoft Copilot Personal: with a single click on a legitimate Copilot deep link an attacker could, under the right conditions, mount a multistage, stealthy data‑exfiltration chain that pulls names, locations...
Microsoft's Copilot ecosystem landed in the headlines this week for two very different reasons: a high‑profile, single‑click data‑exfiltration proof‑of‑concept dubbed Reprompt that security researchers say Microsoft has patched, and the wider rollout of developer tooling with the Copilot Studio...
Microsoft Copilot users face a new prompt-injection vector that researchers say can be triggered with a single click — a technique reported as “Reprompt” that abuses URL parameters to feed malicious prompts into Copilot, bypass built‑in safeguards, and siphon sensitive content from user sessions...
A row of deceptively benign Chrome extensions—installed by hundreds of thousands of users—were audited and exposed this week as active surveillance tools that collect and exfiltrate entire conversations with AI assistants (notably ChatGPT and DeepSeek) along with full browsing context to...
A chain of recent disclosures shows that seemingly helpful browser extensions — including a long‑running Chrome add‑on and several “privacy” VPN tools with millions of installs — quietly gained the ability to intercept, record and transmit users’ AI-chat conversations and web traffic, turning...
Security researchers have exposed a family of seemingly benign Chrome and Edge extensions that quietly intercepted entire conversations with major AI chat services and forwarded those chats to remote analytics servers—an exposure that affects millions of users and raises urgent questions about...
Security researchers disclosed that a widely used Chrome extension, Urban VPN Proxy, quietly began harvesting full conversations with major AI chat services after a July 2025 update, capturing every prompt and response and shipping that data to analytics backends owned or affiliated with the...
Security researchers have uncovered a startling privacy breach in plain sight: several widely used Google Chrome and Microsoft Edge extensions — marketed as privacy and security tools — were quietly intercepting users’ conversations with AI assistants and sending those chats to third parties for...
A family of popular browser extensions marketed as free VPNs and privacy tools secretly intercepted entire conversations with ChatGPT, Google Gemini, Anthropic Claude and several other AI chat services, then forwarded those chats to analytics servers and — according to researchers — to a...
Guy Zetland and Keren Katz report that a Tenable AI Research proof‑of‑concept has turned Microsoft Copilot Studio’s promising no‑code agent model into a glaring attack surface: simple prompt injections can coax agents into leaking sensitive records — including credit card data — and even change...
A sprawling, seven‑year campaign that quietly converted trusted Chrome and Edge extensions into full‑blown spyware has been revealed — and the fallout touches millions of users who never suspected their productivity or wallpaper add‑ons were silently watching them.
Microsoft’s own documentation and recent reporting make a blunt admission: the new agentic AI capabilities arriving in Windows 11 introduce novel security risks that can — if mismanaged — lead to data theft or automated malware installation, and Microsoft is explicitly gating these features...
A deceptively simple diagram turned into a conduit for data theft: security researcher Adam Logue disclosed an indirect prompt‑injection chain that coaxed Microsoft 365 Copilot to fetch private tenant data, hex‑encode it, and hide it inside a Mermaid diagram styled as a fake “Login” button — a...
Microsoft 365 Copilot was briefly weaponized by a clever indirect prompt‑injection chain that turned Mermaid diagrams — the lightweight text-to-diagram tool now supported across Microsoft’s Copilot-enabled experiences — into a covert data‑exfiltration channel, allowing an attacker to have tenant...
GitHub Copilot Chat was quietly turned into an exfiltration channel by a newly disclosed flaw, dubbed CamoLeak, that let attackers hide prompts in pull requests and smuggle private data out of repositories using GitHub’s own image proxy — a potent reminder that integrating AI into development...
A new wave of security reports says ordinary employees are quietly turning generative AI into an unexpected exfiltration channel — copy‑pasting financials, customer lists, code snippets and even meeting recordings into ChatGPT and other consumer AI services — and the result is a systemic blind...
Speaker Mike Johnson’s announcement at the Congressional Hackathon that the U.S. House will begin a staged pilot giving thousands of House staffers access to Microsoft Copilot marks a dramatic reversal of last year’s ban and opens a high‑stakes test of how a legislative body adopts generative AI...
Tags: access control, ai governance, ai in government, audit logs, azure government, congressional ai, copilot, data exfiltration, data residency, data security, dod impact level, fedramp, gcc high, microsoft copilot, privilege, procurement, rbac
The House of Representatives has quietly moved from prohibition to adoption: according to an Axios briefing shared with reporters, the House will begin rolling out Microsoft Copilot for members and staff as part of a broader push to modernize the chamber and integrate artificial intelligence...
Tags: ai adoption, ai governance, ai in government, ai in office, ai modernization, audit logs, auditability, auditing, azure government, azure openai, cao, cao-security-guidance, capitol security, cloud security, cloud tenancy, congress, congress ai pilot, congress ai policy, congressional staff, congressional tech, congressional-hackathon, constituent services, contract terms, copilot, copilot rollout, cyber policy, cybersecurity, data exfiltration, data governance, data residency, data security, data-records, digital government, digital modernization, dod-il, enterprise ai, federal, fedramp, foia, gcc high, generative ai, governance, governance and compliance, government, government cloud, govtech, gsa, gsa onegov, house, house of representatives, human in the loop, immutable logs, independent audit, inspector general, legislative action, legislative technology, microsoft, microsoft 365, microsoft copilot, non-training, non-training clause, non-training clauses, onegov, oversight, pilot program, policy, policy transparency, privacy, procurement, public sector ai, public trust, rbac, records management, records retention, red team testing, regulatory compliance, security, security controls, staff productivity, tenancy, transparency, us house, workflow automation