Hackers turn Microsoft 365 Copilot into a one-click data theft tool

Varonis found a way to chain three bugs into one exploit that can lead to data exfiltration.
ZDNet

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Malicious web prompts can weaponize AI without your input. Indirect prompt injection is now a top LLM security risk. Don't treat AI chatbots as fully secure or all-knowing. Artificial intelligence (AI ...