Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...
CSO Online

April Patch Tuesday roundup: Zero day vulnerabilities and critical bugs

This month’s threat landscape is ‘defined by immediate, real-world exploitation rather than just theoretical vulnerabilities, ...