Hackers Exploit Reprompt Attack to Hijack Microsoft Copilot Sessions
Recent research has unveiled a significant vulnerability in Microsoft Copilot, an AI-driven assistant integrated into Windows and Edge. Dubbed the “Reprompt” attack, this exploit can compromise user sessions and exfiltrate sensitive data.
Understanding the Reprompt Attack
The Reprompt attack method allows hackers to infiltrate a user’s Copilot session through a single click. By hiding malicious prompts within a legitimate URL, they can bypass Copilot’s defenses and maintain continuous access to a victim’s session.
Mechanics of the Attack
Security researchers from Varonis have identified three primary techniques that facilitate this attack:
- Parameter-to-Prompt (P2P) Injection: This technique uses the ‘q’ parameter in URLs to inject commands directly into Copilot. This can lead to unauthorized access to user data and conversations.
- Double-Request Technique: Attackers exploit the fact that Copilot’s safeguards apply only to the initial user request. By having Copilot repeat an action, they can bypass these security measures on subsequent requests.
- Chain-Request Technique: This involves the attacker’s server sending continual instructions to Copilot based on its responses, thus enabling stealthy and ongoing data exfiltration.
The Phishing Process
To execute a Reprompt attack, the attacker typically initiates a phishing scheme by sending the victim a link that appears to lead to a legitimate Copilot session. After the user clicks this link, Copilot executes the embedded malicious prompts without the user’s knowledge.
Once the phishing link is clicked, the attacker’s server leverages the active authenticated session, allowing the attacker to issue commands and extract sensitive information even if the Copilot tab is closed.
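One way to triage links for the Parameter-to-Prompt delivery and phishing step described above, as an added example that is not from Varonis, Microsoft or the original article: it flags Copilot URLs whose `q` parameter carries a prefilled prompt in mail or proxy logs. The hostname `copilot.microsoft.com`, the length threshold and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: hostname serving Copilot; the article itself names no host.
COPILOT_HOSTS = {"copilot.microsoft.com"}
MAX_BENIGN_LEN = 80  # assumed cut-off for a short, hand-typed question
# Constructed sample links (not real indicators).
SAMPLES = [
    "https://copilot.microsoft.com/",
    "https://copilot.microsoft.com/?q=weather+in+Oslo",
    "https://COPILOT.microsoft.com/?Q=open%2520https%253A%252F%252Fplaceholder.example%252Fpage",
    "https://example.org/?q=hello",
]


def fully_unquote(value, rounds=3):
    """Undo nested percent-encoding that can hide a prompt from simple filters."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def assess_link(url):
    """Return (verdict, reasons) for one URL taken from mail or proxy logs."""
    parts = urlsplit(url)
    if (parts.hostname or "").lower() not in COPILOT_HOSTS:
        return "ignore", []
    # Parameter names are compared case-insensitively; parse_qs decodes once.
    params = {k.lower(): v for k, v in parse_qs(parts.query).items()}
    prompts = [fully_unquote(p) for p in params.get("q", [])]
    if not prompts:
        return "ok", []
    reasons = ["prefilled prompt in q parameter"]
    text = " ".join(prompts).lower()
    if "http://" in text or "https://" in text:
        reasons.append("prompt references an external URL")
    if len(text) > MAX_BENIGN_LEN:
        reasons.append("prompt longer than %d chars" % MAX_BENIGN_LEN)
    return ("alert" if len(reasons) > 1 else "review"), reasons


if __name__ == "__main__":
    for sample in SAMPLES:
        print(assess_link(sample), sample)
```

Any prefilled prompt is marked for review because the user did not type it; a second signal raises the verdict to an alert.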
Timeline of Discovery and Response
Varonis shared their findings with Microsoft on August 31, 2023. Thankfully, the issue was addressed during January 2026’s Patch Tuesday. While there are no known instances of the Reprompt attack being exploited in the wild, users are advised to promptly install the latest security updates.
Affected User Groups
The Reprompt vulnerability solely impacted Copilot Personal users. Microsoft 365 Copilot, which is designed for enterprise customers, boasts enhanced security controls, such as:
- Purview auditing
- Tenant-level DLP (Data Loss Prevention)
- Admin-enforced restrictions
Looking Forward
As Microsoft continues to integrate AI technologies across its platforms, security teams must prioritize protective measures against emerging threats like Reprompt. Moreover, as the Model Context Protocol (MCP) evolves, companies are urged to stay vigilant and adopt best security practices to safeguard new services.
For users and organizations, staying informed on security updates and adopting proactive measures are essential steps in defending against potential exploits.
The post Hackers Exploit Reprompt Attack to Hijack Microsoft Copilot Sessions appeared first on CDN3 - Filmogaz.