Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; Microsoft patched it in January 2026.
It can collect and exfiltrate sensitive data such as web browser credentials, cookies, system information, messaging app and ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback