Single click attack against Copilot

A single click on a legitimate URL mounted a covert, multistage attack against Microsoft's Copilot AI assistant, allowing hackers to extract sensitive user data. This exploit, discovered by white-hat researchers from Varonis, continued to run even after users closed the chat window. Microsoft has since fixed the vulnerability and implemented safeguards to prevent such data theft.