Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...
Dark Reading

Microsoft, Salesforce Patch AI Agent Data Leak Flaws

Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker ...
CSO Online

Copilot and Agentforce fall to form-based prompt injection tricks

Prompt injection flaws in Microsoft Copilot Studio and Salesforce Agentforce let attackers weaponize form inputs to override ...
Computer Weekly

April Patch Tuesday brings zero-days in Defender, SharePoint Server

The latest monthly Patch Tuesday update from Microsoft landed earlier on 14 April, including two notable zero-day flaws amid ...
Yahoo Malaysia

Microsoft SharePoint Venom Attack Targets C-Suite Executives By Name

C-Suite executives are being warned that a previously undocumented Microsoft attack platform, codename Venom, can neutralize ...

Microsoft Venom Attack Targets C-Suite Executives

C-Suite executives are being warned that a previously undocumented Microsoft attack platform, codename Venom, can neutralize ...