https://www.csoonline.com/article/4080154/copilot-diagrams-could-leak-corporate-emails-via-indirect-prompt-injection.html
Copilot diagrams could leak corporate emails via indirect prompt injection | CSO Online
Oct 28, 2025 - A now patched flaw in Microsoft 365 Copilot let attackers turn its diagram tool, Mermaid, into a data exfiltration channel–fetching and encoding emails...
via indirect promptcopilot
https://www.promptarmor.com/resources/data-exfiltration-from-slack-ai-via-indirect-prompt-injection
Data Exfiltration from Slack AI via Indirect Prompt Injection
This vulnerability can allow attackers to steal anything a user puts in a private Slack channel by manipulating the language model used for content generation.
via indirect promptslack ai