Microsoft Copilot Studio prompt injection vulnerability exploited
VentureBeat
Researchers discovered a critical prompt injection vulnerability in Microsoft's Copilot Studio, allowing data exfiltration despite security patches. The flaw, dubbed ShareLeak, enables attackers to hijack agents by injecting malicious prompts through SharePoint forms, causing them to leak sensitive customer data via Outlook. Microsoft has assigned a CVE and deployed a patch, but the incident highlights a broader class of vulnerabilities in agentic AI systems. Similar issues, like PipeLeak in Salesforce's Agentforce, also exist, underscoring the need for runtime security solutions that monitor agent actions rather than just static configurations.
Original Source
VentureBeat — venturebeat.com