BREAKING
Microsoft Patches Copilot Flaw CVE-2026-42824
"SearchLeak" Found by Varonis Threat Labs
One-Click Attack in Three Stages
1Prompt injection
2Race condition img
3SSRF leak
Enterprise Hit, Personal Safe
EnterpriseAffected
Deep corporate access
Email, files, calendar exposed
PersonalSafe
Not affected
0
Microsoft CVSS
0
NVD CVSS
0
Real-world abuse
A New Stage of AI Security Risk
AI NEWS BLITZ
Microsoft has patched a one-click data-theft flaw in M365 Copilot Enterprise.