Quality Press

Reported by Ars Technica AI. Good journalism, but verify key claims with the original source they cite.

A single click mounted a covert, multistage attack against Copilot

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data with a single click on a legitimate URL.

Ars Technica AI · Jan 14, 2026 22:03 UTC · ~3 min read

Read Original

A single click mounted a covert, multistage attack against Copilot

TLDR

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data with a single click on a legitimate URL.

Open

O open S save B back M mode