CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

New CoPhish technique exploits Microsoft Copilot for OAuth phishing

First reported
Last updated
1 unique sources, 2 articles

Summary

Hide ▲

A new phishing technique called 'CoPhish' leverages Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests. The technique exploits the legitimate and trusted Microsoft domains to trick users into granting permissions to malicious applications. The CoPhish technique was developed by researchers at Datadog Security Labs, who highlighted the risks associated with the flexibility of Copilot Studio. Microsoft has acknowledged the issue and plans to address it in a future update. The attack targets users, including administrators, by embedding malicious applications within Copilot Studio agents. Once activated, these agents can be distributed via email or messaging platforms, making it difficult for users to distinguish between legitimate and malicious requests. Users can protect against CoPhish attacks by limiting administrative privileges, reducing application permissions, enforcing governance policies, implementing a strong application consent policy, disabling user application creation defaults, and closely monitoring application consent via Entra ID and Copilot Studio agent creation events.

Timeline

  1. 25.10.2025 19:16 2 articles · 1d ago

    CoPhish technique exploits Microsoft Copilot for OAuth phishing

    The CoPhish technique was developed by researchers at Datadog Security Labs, who warned in a report that Copilot Studio's flexibility introduces new, undocumented phishing risks. The attack can be distributed via email phishing campaigns or messaging platforms. Microsoft has confirmed it plans to address the underlying issues in a future update. The attack targets users, including administrators, by embedding malicious applications within Copilot Studio agents. Once activated, these agents can be distributed via email or messaging platforms, making it difficult for users to distinguish between legitimate and malicious requests. Users can protect against CoPhish attacks by limiting administrative privileges, reducing application permissions, enforcing governance policies, implementing a strong application consent policy, disabling user application creation defaults, and closely monitoring application consent via Entra ID and Copilot Studio agent creation events.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Malicious OAuth Apps in Microsoft 365 Environments

Security researchers have identified a significant number of malicious OAuth applications in Microsoft 365 environments. These apps, often hidden within legitimate enterprise applications or application registrations, can be used by threat actors to gain unauthorized access to sensitive data. The issue is widespread, with approximately 10% of surveyed tenants containing at least one of these malicious apps. Researchers have developed tools and methodologies to detect and mitigate these threats, emphasizing the need for regular audits of OAuth applications. The discovery highlights the importance of vigilant monitoring and the use of specialized tools to identify and remove these hidden threats.

Open in new tab

Service Desk Exploited as Attack Vector by Social Engineering

Threat actors are increasingly targeting service desks to gain unauthorized access to enterprise systems. Social engineering tactics, often employed by groups like Scattered Spider, exploit help desk agents to reset passwords and gain full domain access. Recent incidents, such as those at MGM Resorts and Clorox, highlight the significant impact of successful social engineering attacks. The primary defense against these attacks is to shift user verification from agent discretion to a formal, security-owned workflow. This approach reduces the burden on agents and ensures consistent, logged, and enforced verification processes.

Open in new tab

VoidProxy phishing service targets Microsoft 365, Google accounts

A new phishing-as-a-service (PhaaS) platform, VoidProxy, targets Microsoft 365 and Google accounts, including those protected by third-party single sign-on (SSO) providers like Okta. The platform uses adversary-in-the-middle (AitM) tactics to steal credentials, multi-factor authentication (MFA) codes, and session cookies in real time. The attack begins with emails from compromised accounts at email service providers, which include shortened links redirecting recipients to phishing sites. The phishing sites are hosted on disposable low-cost domains and protected by Cloudflare to hide their real IPs. VoidProxy's attack flow involves serving a Cloudflare CAPTCHA challenge, filtering traffic, and presenting phishing pages that mimic Microsoft or Google login screens. Federated accounts using Okta for SSO are redirected to a second-stage phishing page impersonating Microsoft 365 or Google SSO flows. The service's proxy server captures usernames, passwords, and MFA codes in transit, and intercepts session cookies for attackers. Okta Threat Intelligence researchers discovered the platform and noted that users with phishing-resistant authentications like Okta FastPass were protected from these attacks.

Open in new tab

Microsoft 365 logins stolen via ADFS redirects in phishing campaign

A phishing campaign has been observed using legitimate ADFS redirects to steal Microsoft 365 logins. The attackers exploit trusted Microsoft infrastructure to bypass URL-based detection and multi-factor authentication, redirecting users from legitimate office.com links to phishing pages. The campaign targeted multiple organizations, starting with malicious sponsored links in Google search results. The attackers set up a custom Microsoft tenant with ADFS configured, allowing them to receive authorization requests and authenticate users on the phishing page. The phishing site was disguised with fake blog posts and conditional loading restrictions to evade detection and ensure only valid targets accessed the phishing page.

Open in new tab

Zero-click exploit targets AI enterprise agents

AI enterprise agents, integrated with various enterprise environments, are vulnerable to zero-click exploits. Attackers can take over these agents using only a user's email address, gaining access to sensitive data and manipulating users. The exploit affects major AI assistants from Microsoft, Google, OpenAI, Salesforce, and others. Organizations must adopt dedicated security programs to manage ongoing risks associated with AI agents. Current security approaches focusing on prompt injection have proven ineffective. The exploit highlights the need for defense-in-depth strategies and hard boundaries to mitigate risks. Organizations are advised to assume breaches and apply lessons learned from past security challenges.

Open in new tab