"How to Weaponize Microsoft Copilot for Cyberattackers"

Companies are rapidly implementing Microsoft's Copilot Artificial Intelligence (AI)-based chatbots to improve data collection and time management. However, threat actors also benefit from Copilot. According to security researcher Michael Bargury, attackers can use Copilot to search for data, exfiltrate it without logs, and socially engineer victims to phishing sites without having them open emails or click links. Bargury has demonstrated how Copilot is vulnerable to prompt injections that enable hackers to evade its security controls. This article continues to discuss Bargury's release of a "LOLCopilot" ethical hacking module to demonstrate how attackers can exploit Microsoft Copilot.

Dark Reading reports "How to Weaponize Microsoft Copilot for Cyberattackers"

Submitted by grigby1

Submitted by Gregory Rigby on