Incident · curated 27 Jun 2026
First reported 15 Jun 2026 · 11d ago
Single-source incident — first reported, latest, and curated coincide.
A three-stage 'SearchLeak' attack against Copilot enabled 1-click data theft using hidden URLs and other variables, part of a new class of AI prompt-injection issues. The vulnerability has now been patched.
Why it matters
It demonstrates how prompt injection with hidden URLs can exfiltrate data from AI assistants like Copilot, a direct risk to enterprise users.