Skip to content

Let's Data ScienceLearn • Practice • Excel

News
Blog
Pricing

© 2026 Let's Data Science

Pricing Terms Privacy

NewsMicrosoft Copilot Enables Hidden Prompt Exploits

Industry Newsprompt injectionemail securitymicrosoft copilotdata exfiltration

Microsoft Copilot Enables Hidden Prompt Exploits

gbhackers.com

|March 13, 2026

9.2

Relevance Score

Microsoft Copilot Enables Hidden Prompt Exploits

Recent research by Permiso shows Microsoft 365 Copilot can be manipulated via hidden HTML/CSS 'cross prompt injection' attacks embedded in emails, causing the assistant to generate attacker-controlled summaries or fake security alerts. Tests found varying guardrail effectiveness across Outlook's Summarize button, Outlook Copilot pane, and Teams Copilot, with Teams most susceptible. The vulnerability enables model-mediated phishing and potential one-click data exfiltration from OneDrive, SharePoint, and Teams.

Scoring Rationale

High practical severity and industry-wide reach, mitigated slightly by reliance on a single security research report.

Practice interview problems based on real data

1,500+ SQL & Python problems across 15 industry datasets — the exact type of data you work with.

Try 250 free problems

Free Career Roadmaps8 PATHS

Step-by-step roadmaps from zero to job-ready — curated courses, salary data, and the exact learning order that gets you hired.

Explore all career paths

Sources

Microsoft Copilot Email and Teams Summarization Flaw Opens Door to Phishing Attacks
gbhackers.com
Read Original

Share

More AI & Data Science News

DRDO Director Warns 25 Percent May Be Jobless

DRDO Director Warns 25 Percent May Be Jobless

Andhra Pradesh Launches Talent AP To Upskill Workforce

Andhra Pradesh Launches Talent AP To Upskill Workforce

Physics Forums Admits Using AI to Post Replies

Wall Street Banks Buy Grok Subscriptions

Wall Street Banks Buy Grok Subscriptions

Back to News Feed