Techly NewsGet the app

Get the latest tech news

Microsoft’s AI Can Be Turned Into an Automated Phishing Machine


Attacks on Microsoft’s Copilot AI allow for answers to be manipulated, data extracted, and security protections bypassed, new research shows.

Ask a question about an upcoming meeting and the company’s Copilot AI system can pull answers from your emails, Teams chats, and files—a potential productivity boon. “I can do this with everyone you have ever spoken to, and I can send hundreds of emails on your behalf,” says Bargury, the cofounder and CTO of security company Zenity, who published his findings alongside videos showing how Copilot could be abused. That demonstration, as with other attacks created by Bargury, broadly works by using the large language model (LLM) as designed: typing written questions to access data the AI can retrieve.

Get the Android app

Or read this on Wired

Read more on:

Photo of Microsoft

Microsoft

Related news:

News photo

Microsoft and Palantir partner to sell AI to government agencies

News photo

Why Google, Microsoft and Amazon Shy Away From Buying A.I. Start-Ups

News photo

CrowdStrike releases root cause analysis of the global Microsoft breakdown

« Breakthrough in molecular control: New bioinspired double helix with switchable chirality