{"data":{"id":"7d95fe72-3d76-4f99-8e33-397769c3fd9b","title":"Copirate 365 at DEF CON: Plundering in the Depths of Microsoft Copilot (CVE-2026-24299)","summary":"This writeup describes vulnerabilities found in Microsoft Copilot products that allow attackers to steal sensitive data through multiple attack chains, including data exfiltration via HTML preview features, hijacking the AI's long-term memory through prompt injection (tricking an AI by hiding instructions in its input), and creating persistent backdoors. The vulnerabilities, assigned CVE-2026-24299, exploited what researchers call the \"lethal trifecta,\" where an AI has access to private data, untrusted content, and external communication channels simultaneously.","solution":"Microsoft patched these issues. The source states: \"MSRC assigned CVE-2026-24299 and the issues are now patched.\" No specific patch version number or detailed mitigation steps are provided in the source text.","labels":["security"],"sourceUrl":"https://embracethered.com/blog/posts/2026/defcon-talk-copirate-365/","publishedAt":"2026-05-04T13:00:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["prompt_injection","data_extraction"],"issueType":"news","affectedPackages":null,"affectedVendors":["Microsoft"],"affectedVendorsRaw":["Microsoft Copilot","M365 Copilot","Consumer Copilot","Microsoft Office"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-05-04T13:00:00.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}