#prompt-injection

Microsoft Copilot's Cowork flaw lets attackers steal files via prompt injection

A security flaw in Microsoft Copilot's Cowork feature allows file exfiltration through prompt injection, demonstrated by Kneenex on May 25, 2026 [hn-front].