Microsoft 365 Copilot Prompt Injection Vulnerability Allows Attackers to Exfiltrate Sensitive Data

October 21, 2025

A sophisticated vulnerability in Microsoft 365 Copilot (M365 Copilot) that allows attackers to steal sensitive tenant data, including recent emails, through indirect prompt injection attacks.

BladeOne

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome

Bipartisan healthcare cyber legislation advances in Senate

Expect Iran to Launch Cyber-Attacks Globally, Warns Google Head of Threat Intel

Alleged India-linked espionage campaign targeted Pakistan, Bangladesh, Sri Lanka

Vibe coding service Lovable accused of hosting malware-ridden apps exposing thousands of users — it says they should take more care

Dohdoor Malware Targets U.S. Schools and Healthcare In Multi-Stage Campaign

APT37 combines cloud storage and USB implants to infiltrate air-gapped systems

With Iran strikes, geopolitical chaos again haunts commercial aviation

Palm Oil Extends Gains into March on Geopolitical Tailwinds

Australian Shares Retreat on Geopolitical Tensions

Focus On New Geopolitical Environment, Asset Allocation

Global markets after Iran strikes: oil surges, airlines sink, bonds defy safe-haven playbook

European stocks set to slump as markets react to U.S., Israeli strikes on Iran

Global markets show resilience amid Middle East tensions: Matt Orton

War shock: Global markets plummet as U.S.-Iran conflict escalates

How AI technology is both powering and polarizing the modern job search

China’s Policy Summit Puts Tech, Stimulus in Focus for Investors

Cal Poly Partners expands Technology Park with new collaborative facility

Small Business Technology News: A ChatGPT Smart Speaker

Iran’s Goal Is to Make US and Israel Pay for Killing Khamenei

Supreme Court Rebuffs Challenge to Ban on Gun Ownership by Nonviolent Felons

3 US Jets Shot Down in ‘Friendly Fire’ in Kuwait, Pentagon Says

British exporters pivot away from America as global conflicts and trade tariffs bite

Microsoft 365 Copilot Prompt Injection Vulnerability Allows Attackers to Exfiltrate Sensitive Data

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Iran’s Goal Is to Make US and Israel Pay for Killing Khamenei

Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome

Bipartisan healthcare cyber legislation advances in Senate