Copilot
Reprompt attack let hackers hijack Microsoft Copilot sessions
Researchers identified an attack method dubbed “Reprompt” that could allow attackers to infiltrate a user’s Microsoft Copilot session and issue commands to exfiltrate sensitive data. By hiding a malicious prompt inside a legitimate URL and bypassing Copilot’s protections, a hacker could maintain access to a victim’s LLM session after the user clicks on a single […]
Microsoft may soon allow IT admins to uninstall Copilot
Microsoft is testing a new policy that allows IT administrators to uninstall the AI-powered Copilot digital assistant on managed devices. The new RemoveMicrosoftCopilotApp policy began rolling out today to systems in the Dev and Beta Insider channels that have installed Windows 11 Insider Preview Build 26220.7535 (KB5072046). As the Windows Insider team explained in a […]
Are Copilot prompt injection flaws vulnerabilities or AI limits?
Microsoft has pushed back against claims that multiple prompt injection and sandbox-related issues raised by a security engineer in its Copilot AI assistant constitute security vulnerabilities. The development highlights a growing divide between how vendors and researchers define risk in generative AI systems. AI vulnerabilities or known limitations? “Last month, I discovered 4 vulnerabilities in Microsoft […]
Microsoft Copilot is rolling out GPT 5.2 as “Smart Plus” mode
Microsoft is rolling out GPT 5.2 to Copilot on the web, Windows, and mobile as a free upgrade, and it’ll coexist with the GPT 5.1 model. GPT-5.2 is described as OpenAI’s strongest model series so far, and it allows you to finish real tasks faster, including things like building spreadsheets and presentations, writing and reviewing code, understanding […]
Microsoft investigates Copilot outage affecting users in Europe
Microsoft is working to mitigate an ongoing incident that has been blocking users in Europe from accessing the company’s AI-powered Copilot digital assistant. Additionally, some users who can access the affected service may experience degraded functionality with specific features. “We’re investigating an issue in which users in the United Kingdom may be unable to access Microsoft Copilot, or […]
Windows 11 tests shared Bluetooth audio support, but only for AI PCs
If you have two headphones, speakers, or any other Bluetooth hardware, you can now share audio between the two devices simultaneously on a Copilot+ PC. Microsoft is testing a new feature called “shared audio,” which is built on top of Bluetooth LE Audio broadcast technology. With Bluetooth LE Audio broadcast technology, Windows can now transmit an audio stream to […]
Microsoft promises more Copilot features in Microsoft 365 companion apps
Microsoft 365 companion apps will be getting more Copilot features in the coming weeks. Right now, Copilot works only inside two companion apps, People and Files. In the coming weeks, Microsoft plans to add Copilot to the Calendar companion as well. For those unaware, Microsoft 365 companions are only available for enterprises or businesses. Microsoft 365 Personal users won’t get […]
Microsoft: Copilot now lets you build apps, automate workflows
Microsoft announced today a new Microsoft 365 Copilot agent called App Builder that can help users create and deploy apps “in minutes.” As Microsoft explained, this agent allows employees to build apps using their Microsoft 365 data, including documents, presentations, spreadsheets, and notes, “just as easily as having a conversation.” “Describe what you need in […]
Microsoft sued for allegedly tricking millions into Copilot M365 subscriptions
The Australian Competition and Consumer Commission (ACCC) is suing Microsoft for allegedly misleading 2.7 million Australians into paying for the Copilot AI assistant in the Microsoft 365 service. Even though subscribers could have stayed on their existing plan without Copilot and at the same price, the ACCC says that Microsoft concealed that option and designed […]
New CoPhish attack steals OAuth tokens via Copilot Studio agents
A new phishing technique dubbed ‘CoPhish’ weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains. The technique was developed by researchers at Datadog Security Labs, who warned in a report earlier this week that Copilot Studio’s flexibility introduces new, undocumented phishing risks. Although CoPhish relies on social […]