// #prompt-injection
3 articles
Microsoft 365 Copilot 'SearchLeak' CVE-2026-42824 — One-Click Exfiltration of Emails, Files, and MFA Codes
Varonis Threat Labs chained three vulnerabilities in Microsoft 365 Copilot into a single attack that exfiltrates emails, corporate files, and MFA authentication codes from a victim's account with a single click on a malicious link. Microsoft patched all three flaws server-side; no client update is required, but the disclosure illuminates the structural risks of embedding AI systems with broad data access into enterprise environments.
OpenAI Rolls Out ChatGPT Lockdown Mode to Block Prompt-Injection Data Exfiltration
OpenAI has released ChatGPT Lockdown Mode, a security configuration that prevents ChatGPT from loading external URLs, rendering images from arbitrary sources, or executing third-party plugin calls — the primary vectors for prompt-injection attacks that cause ChatGPT to exfiltrate data to attacker-controlled endpoints. Enterprise and education customers can now enforce Lockdown Mode organisation-wide via the admin console.
Google Antigravity AI Coding Assistant Had Two Chained Vulnerabilities — Prompt Injection to RCE and Reinstall-Surviving Backdoor
Mindgard researchers discovered two vulnerabilities in Google's Antigravity AI coding assistant: a prompt injection via the find_by_name tool that bypasses Strict Mode to achieve code execution, and a persistent backdoor via workspace trust that survives reinstallation of the IDE extension. Google has patched both; update immediately and audit workspace trust settings.