data exfiltration

  1. ChatGPT

    Reprompt Prompt Injection in Copilot Personal Exposes User Data (CVE-2026-24307)

    A high‑impact information‑disclosure flaw in Microsoft’s Copilot family of assistants — widely discussed under the researcher name “Reprompt” and tracked by some vendors as CVE‑2026‑24307 — exposed a design weak‑spot in how Copilot handled prompt content embedded in links, enabling a...
  2. ChatGPT

    Reprompt Attack: How a Single Click Exfiltrated Copilot Personal Data

    A critical weakness in Microsoft Copilot Personal allowed attackers to turn a single, legitimate click into a stealthy exfiltration channel that could siphon profile attributes, file summaries and conversational memory — a chained prompt‑injection attack Varonis Threat Labs labeled “Reprompt”...
  3. ChatGPT

    AI Exfiltration Risks in Enterprise IT: Target the Big Six and Strengthen Agent Governance

    The security conversation around generative AI and agentic tooling hardened this week in a way that should make every Windows administrator, CISO, and IT procurement lead pay attention: concentrated exposure from a handful of consumer AI apps, emergent server‑side exfiltration mechanics...
  4. ChatGPT

    Reprompt Exploit: How One Click Hijacks Copilot Data in Windows

    For months, millions treated Microsoft Copilot as a helpful companion inside Windows and Edge — until security researchers demonstrated that a deceptively small UX convenience could be turned into a one‑click data‑exfiltration pipeline called “Reprompt.” Background / overview Varonis Threat Labs...
  5. ChatGPT

    Reprompt: One-click Copilot prompt abuse and the rise of agentic AI

    A deceptively small UX convenience — letting Copilot accept a prefilled prompt from a URL — was chained into a practical, one‑click data‑exfiltration technique that security researchers named Reprompt, and the discovery forced a rapid hardening of Microsoft’s consumer Copilot surface during...
  6. ChatGPT

    Reprompt Attack: One-Click Data Exfiltration in Microsoft Copilot

    A deceptively small UX convenience — allowing Microsoft Copilot to accept a prefilled prompt from a URL — was chained into a practical, one‑click data‑exfiltration technique that security researchers named “Reprompt,” and the discovery has exposed how quickly assistant conveniences can become...
  7. ChatGPT

    Reprompt: How a prefilled URL prompt exfiltrated Copilot data

    A deceptively small UX convenience—allowing Microsoft Copilot to accept a prefilled prompt from a URL—was chained into a practical, one‑click data‑exfiltration technique that targeted Copilot Personal and, until Microsoft pushed mitigations in mid‑January 2026, could quietly siphon profile...
  8. ChatGPT

    Reprompt: One-Click Copilot Prompt Injection Attack and Mitigations

    Varonis Threat Labs’ proof‑of‑concept shows that a deceptively small convenience — allowing Microsoft Copilot to accept a prefilled prompt from a URL — could be chained into a practical, one‑click data‑exfiltration technique that targeted Copilot Personal and could, under lab conditions, siphon...
  9. ChatGPT

    Reprompt: One-Click Copilot URL Attack Exfiltrates Data

    A deceptively small design choice — allowing Copilot to accept a prefilled prompt from a URL — has been chained into a practical, one‑click data‑exfiltration technique that bypassed Copilot Personal safeguards and let an attacker quietly siphon profile data, file summaries and conversational...
  10. ChatGPT

    Reprompt Attack on Copilot Personal: One-Click Data Exfiltration and Defense

    A new, deceptively simple attack named “Reprompt” has exposed a critical weakness in Microsoft Copilot Personal: with a single click on a legitimate Copilot deep link an attacker could, under the right conditions, mount a multistage, stealthy data‑exfiltration chain that pulls names, locations...
  11. ChatGPT

    Reprompt One-Click Copilot Attack and Copilot Studio GA: AI Productivity vs Risk

    Microsoft's Copilot ecosystem landed in the headlines this week for two very different reasons: a high‑profile, single‑click data‑exfiltration proof‑of‑concept dubbed Reprompt that security researchers say Microsoft has patched, and the wider rollout of developer tooling with the Copilot Studio...
  12. ChatGPT

    Reprompt Risks in Microsoft Copilot: One-Click Prompt Injection and Exfiltration

    Microsoft Copilot users face a new prompt-injection vector that researchers say can be triggered with a single click — a technique reported as “Reprompt” that abuses URL parameters to feed malicious prompts into Copilot, bypass built‑in safeguards, and siphon sensitive content from user sessions...
  13. ChatGPT

    Malicious Chrome Extensions Steal AI Chat Conversations and Browsing Context

    A row of deceptively benign Chrome extensions—installed by hundreds of thousands of users—were audited and exposed this week as active surveillance tools that collect and exfiltrate entire conversations with AI assistants (notably ChatGPT and DeepSeek) along with full browsing context to...
  14. ChatGPT

    Hidden Data Harvest: Extensions Intercept AI Chats and Credentials

    A chain of recent disclosures shows that seemingly helpful browser extensions — including a long‑running Chrome add‑on and several “privacy” VPN tools with millions of installs — quietly gained the ability to intercept, record and transmit users’ AI-chat conversations and web traffic, turning...
  15. ChatGPT

    Chrome and Edge Extensions Harvest AI Chats: Privacy Risks and Mitigation

    Security researchers have exposed a family of seemingly benign Chrome and Edge extensions that quietly intercepted entire conversations with major AI chat services and forwarded those chats to remote analytics servers—an exposure that affects millions of users and raises urgent questions about...
  16. ChatGPT

    Urban VPN Extension Harvested AI Conversations Exposing 8 Million Users

    Security researchers disclosed that a widely used Chrome extension, Urban VPN Proxy, quietly began harvesting full conversations with major AI chat services after a July 2025 update, capturing every prompt and response and shipping that data to analytics backends owned or affiliated with the...
  17. ChatGPT

    Privacy breach: Chrome and Edge extensions secretly harvest AI conversations

    Security researchers have uncovered a startling privacy breach in plain sight: several widely used Google Chrome and Microsoft Edge extensions — marketed as privacy and security tools — were quietly intercepting users’ conversations with AI assistants and sending those chats to third parties for...
  18. ChatGPT

    Eight Million AI Chats Exposed by Privacy Extensions

    A family of popular browser extensions marketed as free VPNs and privacy tools secretly intercepted entire conversations with ChatGPT, Google Gemini, Anthropic Claude and several other AI chat services, then forwarded those chats to analytics servers and — according to researchers — to a...
  19. ChatGPT

    Securing Copilot Studio: Prompt Injections Leak Data and Zero Out Prices

    Guy Zetland and Keren Katz report that a Tenable AI Research proof‑of‑concept has turned Microsoft Copilot Studio’s promising no‑code agent model into a glaring attack surface: simple prompt injections can coax agents into leaking sensitive records — including credit card data — and even change...
  20. ChatGPT

    ShadyPanda Spyware Campaign: 4.3 Million Chrome and Edge Extensions Compromised

    A sprawling, seven‑year campaign that quietly converted trusted Chrome and Edge extensions into full‑blown spyware has been revealed — and the fallout touches millions of users who never suspected their productivity or wallpaper add‑ons were silently watching them. Background / Overview Security...