Post by @jbz@indieweb.social

🧋 Microsoft Copilot Cowork Exfiltrates Files

｢ This is done by exploiting the fact that, unlike other sensitive actions, sending emails and Teams messages to the active user does not require human approval, and opening the compromised messages in Teams or Outlook can trigger attacker-controlled network requests ｣

https://www.promptarmor.com/resources/microsoft-copilot-cowork-exfiltrates-files

#Promptinjection #ai #copilot #cybersecurity

Microsoft Copilot Cowork Exfiltrates Files

Microsoft Copilot Cowork is vulnerable to file exfiltration attacks via indirect prompt injection as a result of insecure automatic action approvals for sending Emails and Teams messages.

#promptinjection #copilot #cybersecurity #ai

No replies yet

Be the first to share your thoughts.

Home Login