INSPECTING ARCHIVED INTELLIGENCE (OUTDATED VERSION).
One-Click Microsoft 365 Data Theft Vulnerability Exploit
2026-06-15 15:09 | Severity: CRITICAL / HIGH
Executive Summary (AI-generated)
The discovery of SearchLeak, a one-click exfiltration path that chains three bugs in Microsoft's Copilot Enterprise Search tool, has significant implications for enterprise security. The technique leverages vulnerabilities in the software to steal sensitive information such as emails, files, and MFA codes. This could have far-reaching consequences, including unauthorized access to user accounts, intellectual property, and confidential data. As a result, organizations must take immediate action to patch these vulnerabilities and implement additional security measures to prevent exploitation of this technique.
Technical Mitigations (AI-generated)
* Implement Content Security Policy (CSP) blocking: Ensure that the Microsoft Graph API and SharePoint/OneDrive data is blocked by CSP, preventing attackers from accessing sensitive information.
* Use a secure protocol for communication with Bing: When communicating with Bing to retrieve stolen data, use HTTPS or a secure tunneling protocol like TLS 1.2 to encrypt the communication between the attacker's server and the victim's browser.
* Implement rate limiting on API calls: Limit the number of API calls made by an attacker within a certain time frame (e.g., 10-15 minutes) to prevent them from exploiting the vulnerability repeatedly.
* Use a secure password manager or generate strong passwords: Ensure that all accounts, including Microsoft Graph and SharePoint/OneDrive, use strong, unique passwords or have a secure password manager in place to protect against data theft.
* Monitor for suspicious activity and implement incident response plan: Establish an incident response plan to quickly respond to potential security incidents, such as unauthorized access to sensitive information.
Technical Observables
Intelligence Metadata
Actors / Malware / CVEs / Campaigns: CVE-2026-42824, CVE-2025-32711
Target & Sectors: Global Scope
Incident Timeline
Jun 15, 2026: Attackers exploited a one-click exfiltration path by chaining three bugs into the Copilot Enterprise Search URL, allowing them to steal emails, files, and MFA codes.
Microsoft assigned CVE-2026-42824 and marked it critical; the CVSS scores ran lower and disagreed, 6.5 from Microsoft and 7.5 from the National Vulnerability Database.
The same pattern showed up in EchoLeak (CVE-2025-32711), the zero-click Copilot data-leak bug Aim Security disclosed in 2025.
In practice, SearchLeak stacks one AI-specific weakness on two old web bugs, and each link is needed for the next.
The entry point is the q parameter in the Copilot Enterprise Search URL. It is meant for a natural-language query, but Copilot reads whatever sits there as instructions, not just a search string.
Next is a race condition in how the response renders.
The last link gets the data past the page's Content Security Policy. The CSP on m365.cloud.microsoft blocks images from arbitrary domains, but it allowlists *.bing.com.
The attacker reads it off their own logs, for example, a request for /Your_Security_Code_847291/img.png.
What an attacker gets
Copilot Enterprise can reach whatever the signed-in user can, through their Microsoft Graph access, and the attacker inherits that reach without ever logging in.
The most time-sensitive prize sits in the inbox: one-time codes, MFA codes, and password-reset links, often still valid for a few minutes. The same access also reaches calendar invites, meeting notes, and any SharePoint or OneDrive file Copilot has indexed, where the salary data, earnings figures, and acquisition plans live.
Varonis researcher Dolev Taler demonstrated the same one-click technique in an earlier Reprompt attack against Copilot Personal, and it held up against Enterprise Search despite the extra guardrails that tier is supposed to enforce.
Look for Copilot Search URLs carrying encoded payloads or HTML in the q parameter, and for unusual outbound requests to Bing's image endpoints.
2026/06/15
Attackers exploited a parameter-to-prompt (P2P) injection weakness in Microsoft 365 Copilot Enterprise Search to steal emails, files, and MFA codes when victims clicked on trusted links.
One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes
Swati Khandelwal
Jun 15, 2026
Vulnerability / Enterprise Security
A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterprise Search.
New attack turned Microsoft 365 Copilot into 1-click data theft tool.
A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target's mailbox, OneDrive, or SharePoint account through a specially crafted URL.
Unlike regular Copilot, which generates content, Microsoft Copilot Enterprise Search looks for company data in emails, meetings, SharePoint files, and OneDrive.
Microsoft addressed SearchLeak at the beginning of the month and assigned it the CVE-2026-42824 identifier with a maximum severity, critical rating.
They combined a parameter-to-prompt injection, an HTML rendering race condition, and a content-security-policy (CSP) bypass enabled by Bing server-side request forgery (SSRF).
In the first stage, the attack exploits a parameter-to-prompt (P2P) injection weakness by leveraging how Microsoft 365 Copilot Search accepts the ‘q’ URL parameter for search queries.
Next, it generates a response with an image tag, including the stolen information in the URL.
The third part of the chain is an SSRF issue in Bing’s “Search by Image” feature, which is used to launch a request to fetch an image from the attacker's endpoint.
The complete SearchLeak attack chain (Source: Varonis)
When chaining the weaknesses, the attack starts with the victim clicking on a crafted link that launches Microsoft 365 Copilot Search with instructions in the 'q' parameter to search the victim’s mailbox or other data sources.
The exfiltrated information could be email content (e.g., access codes, passwords), calendar events and meeting details, documents, and other content accessible through Copilot Enterprise Search.
Intelligence Sources
The Hacker News, 2026-06-15
BleepingComputer, 2026-06-15: New attack turned Microsoft 365 Copilot into 1-click data theft tool
Incident Version History: current version, last updated 2026-06-29T06:29