Co-Pilot Studio Call Action

26d

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in Capsule Security's testing, data exfiltrated anyway. Here's what security ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway

Trending now