Episode Details

Back to Episodes

20260617 - SearchLeak: Prompt-inject enterprise Copilot with a search

Published 5 days, 8 hours ago

Description

with the help of the 100% trusted Microsoft Bing

Patreon: https://www.patreon.com/davidgerard
Ko-Fi: https://ko-fi.com/A1529D5
Buy us nice useful things (if not in the UK, set the delivery postcode to SW1A 0AA): https://www.amazon.co.uk/hz/wishlist/ls/3Q8VZW46J6DM6
Get an extremely cool Pivot to AI shirt or mug: https://pivot-to-ai.redbubble.com

Send in your story tips: dgerard@gmail.com

Sources:

SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weapon https://www.varonis.com/blog/searchleak
M365 Copilot Information Disclosure Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42824

Previously on Pivot to AI:

How to hack Microsoft Copilot AI: ask it twice https://pivot-to-ai.com/2026/01/20/how-to-hack-microsoft-copilot-ai-ask-it-twice/
video: https://www.youtube.com/watch?v=yhpt0cJLlHM&list=UU9rJrMVgcXTfa8xuMnbhAEA

Full Pivot to AI playlist: https://www.youtube.com/playlist?list=UU9rJrMVgcXTfa8xuMnbhAEA

Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.