Information security
fromTheregister
1 day agoSneaky Mermaid attack in Microsoft 365 Copilot steals data
An indirect prompt injection using Mermaid/CSS in Microsoft 365 Copilot enabled exfiltration of tenant emails; Microsoft patched the bug but excluded M365 Copilot from the bug bounty program.