Indirect prompt injection attacks are really in their infancy. As we enable more agents and more tools/integrations, the possibilities for this *fundamentally unfixable* vulnerability get scarier.
A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target's mailbox, OneDrive, or SharePoint account through a specially crafted URL.
