Microsoft Copilot Personal Vulnerability Enables One-Click Phishing Data Theft for Millions

A vulnerability in Microsoft Copilot Personal allows the exfiltration of sensitive data through a one-click phishing attack, targeting millions of home users. The attack vector relies on a malicious link, with no additional technical details provided. No CVE identifier or patch is mentioned in the article. The potential impact includes the theft of personal data, but no evidence of active exploitation has been reported. The flaw specifically affects the consumer version of Copilot.