Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; Microsoft patched it in January 2026.
ZDNET's key takeaways Dubbed "Reprompt," the attack used a URL parameter to steal user data.A single click was enough to ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback