A recent proof-of-concept attack against Microsoft’s M365 Copilot Enterprise highlights what could be a much broader prompt injection threat based on a common way many AI-enhanced web services operate. Dubbed SearchLeak, the attack hinged on a typical malicious objective: to leak sensitive corporate data by tricking employees to click on specially crafted links. To carry out the attack, researchers combined three weaknesses in the Copilot Enterprise Search implementation — one of which stands...

Read the original article