Researchers Discover "Reprompt" Attack Allowing Hackers to Hijack Microsoft Copilot Sessions

Cybersecurity researchers have uncovered an attack dubbed Reprompt that enables hackers to hijack Microsoft Copilot sessions. This method exploits vulnerabilities in request processing to inject malicious commands and access sensitive data. The attack was demonstrated on specific versions of Copilot, particularly within Microsoft 365 environments. Microsoft has since patched the identified flaws.