Found this writeup on a Copilot bug they’re calling SearchLeak. A prompt injection flaw let attackers pull 2FA codes out of users through the assistant. The whole point of 2FA is the one thing it managed to leak. What gets me is the pattern. Every few months it’s another LLM feature shipped wide open, then patched after researchers poke it, then sold back to us as enterprise-grade security. Bolting a chatbot onto everything keeps creating brand new ways to reach data that used to be locked down. Good that it was caught and fixed, but the underlying approach to securing these things still feels like guessing. https://arstechnica.com/security/2026/06/critical-copilot-vulnerability-allowed-hackers-to-seal-2fa-code-from-users/
Originally posted by u/TrustSig on r/ArtificialInteligence
