Red Hot Cyber
Cybersecurity, Cybercrime News and Vulnerability Analysis
A recently fixed vulnerability allowed attackers to exploit Microsoft Copilot Personal with a single click to steal sensitive user data. Using a phishing link, attackers were able to take control of sessions without requiring further intervention, exploiting a flaw that has since been patched.
Attackers launch Reprompt by sending a phishing email with a legitimate Copilot URL containing a malicious “q” parameter, which automatically executes a prompt when the page loads.
The discovery was made by Varonis, who detailed three key techniques that allow data theft by bypassing Copilot’s security measures designed to block URL retrievals and leaks.
Parameter-to-Prompt (P2P) injection takes advantage of the victim’s authenticated session, which persists even after the tab is closed, to extract sensitive information such as usernames, locations, file access history, and vacation plans.
These techniques make data exfiltration undetectable, as the prompts appear harmless while the information is gradually leaked to the attackers’ servers.
Reprompt targets Copilot Personal, a consumer-facing tool built into Windows and Edge that allows access to Microsoft prompts, logs, and information such as recent documents and location.
Varonis responsibly reported the issue to Microsoft on August 31, 2025 , with a fix distributed via Patch Tuesday on January 13, 2026. Users are advised to immediately apply the latest Windows updates to block residual issues.
Compared to previous vulnerabilities, such as EchoLeak (CVE-2025-32711), Reprompt stood out by requiring no documentation or plugins, highlighting the dangers of URL parameters in AI platforms.
It’s critical that organizations consider AI URL inputs potentially dangerous and implement robust security measures for all combined prompts. For Copilot Personal users, careful evaluation of predefined prompts, along with avoiding dubious links and monitoring for irregularities, such as unsolicited data requests, is essential.
Follow us on Google News to receive daily updates on cybersecurity. Contact us if you would like to report news, insights or content for publication.
