Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
Summary
A critical three-stage attack called 'SearchLeak' could allow attackers to steal data from Microsoft Copilot with just one click by exploiting prompt injection (tricking an AI by hiding instructions in its input) through hidden URLs and other hidden variables. The attack belongs to a larger category of security issues in which similar injection techniques are used against AI systems. The vulnerability has already been patched.
Solution / Mitigation
The vulnerability has been patched, though the source does not specify the patch version or detailed remediation steps.
Related Issues
CVE-2026-30308: In its design for automatic terminal command execution, HAI Build Code Generator offers two options: Execute safe comman
CVE-2026-40087: LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-str
Original source: https://www.darkreading.com/application-security/copilot-searchleak-attack-1-click-data-theft
First tracked: June 15, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 92%