Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Reprompt prompt-injection mechanics against Microsoft Copilot

Technical Analysis
First reported
Last updated
Happening score
H score 16
2 unique sources, 2 articles

Summary

Hide ▲

Researchers mapped Reprompt, a prompt-injection chain against Microsoft Copilot that can drive continuous, undetectable user-data exfiltration and persist after the chat is closed. The technique matters because it bypasses normal leak protections through request chaining rather than a single obvious malicious prompt.

Related Happenings

Microsoft 365 Copilot work tab DLP bypass security flaw

Vulnerability
First: 18.02.2026 14:03 Last: 18.02.2026 14:03 Sources 1

About this happening: **Microsoft 365 Copilot** has a **DLP-bypass vulnerability** in its **work tab chat** that can summarize confidential email content, creating a risk that protected messages are pr...

Open Happening

Microsoft NTLM phase-out and disable-by-default plan

Advisory/Mitigation
First: 02.02.2026 17:59 Last: 02.02.2026 17:59 Sources 1

About this happening: **Microsoft** is rolling out a **three-phase NTLM phase-out** for **Windows**, pushing organizations to audit NTLM usage, migrate to **Kerberos**, and prepare for **NTLM-off** con...

Open Happening

Unauthenticated Moltbot instances expose configuration data and credentials

Data Leak
First: 28.01.2026 19:46 Last: 28.01.2026 19:46 Sources 1

About this happening: **Hundreds of unauthenticated Moltbot instances** were found exposing **configuration data**, **API keys**, **OAuth credentials**, and **private chat histories** to unauthorized p...

Open Happening

Visual Studio Code-delivered JavaScript backdoor

Malware Activity
First: 22.01.2026 00:00 Last: 22.01.2026 00:00 Sources 1

About this happening: **North Korean threat actors** are using **malicious Next.js repositories** in a **fake job-recruitment campaign** to trigger **remote code execution (RCE)** on **developer system...

Open Happening

Google Gemini Calendar invite prompt-injection leak path

Technical Analysis
First: 20.01.2026 19:50 Last: 20.01.2026 19:50 Sources 1

About this happening: A **Calendar invite prompt-injection** technique can make **Google Gemini** leak **private meeting details**, turning a routine scheduling query into a data-exposure path. The iss...

Open Happening

Timeline

  1. 15.01.2026 14:09 2 articles · 4mo ago

    Reprompt prompt-injection mechanics against Microsoft Copilot

    Technical Analysis Update

    Varonis researchers disclosed Reprompt, a malicious-link prompt-injection technique against Microsoft Copilot that uses the q parameter to trigger prompt execution, then combines Parameter 2 Prompt (P2P) injection, a double-request technique, and a chain-request technique to bypass leak protections and keep exfiltrating user data even after the Copilot chat is closed. The researchers said the protections only applied to the initial request, that repeated or server-driven follow-up requests could leak more information, and that client-side monitoring tools may miss the back-and-forth prompts; Microsoft resolved the underlying issue, and the issue does not affect enterprise customers using Microsoft 365 Copilot.

    Show sources
    Open in new tab