ADVERTISEMENT

Black Hat USA 2024: Microsoft’s AI will soon start leaking user data

A researcher at the Black Hat 2024 conference has revealed that Copilot, Microsoft’s AI assistant, has multiple security loopholes, allowing attackers to exfiltrate sensitive data and corporate credentials.

microsoft copilot

Image from Shutterstock

Paulina Okunytė
Paulina Okunytė Senior Journalist
Aug 7, 2024 Updated: 8 December 2025 4 min read

“Leakage is not only possible but probable”

“Attackers can remotely take over your interactions with the Copilot. They can get the Copilot to do whatever they want on your behalf, manipulate you, and misinform your decisions. They have full control of every word the Copilot writes to you,”
explains Bargury.

Ways to exploit Microsoft’s Copilot

ADVERTISEMENT

Reading hardcoded credentials

ADVERTISEMENT