SYNTHETIC OUTLAW OBSERVATORY

Critical Copilot vulnerability allowed hackers to steal 2FA code from users

CANDIDATE · 2026-06-16 · United States · Critical Infrastructure · signal 9/10

A critical vulnerability in Microsoft's M365 Copilot AI platform allowed attackers to exfiltrate sensitive data, including 2FA codes, by exploiting the system's inability to distinguish between legitimate user instructions and malicious requests. Despite guardrails designed to prevent such actions, the attackers successfully circumvented these protections through a method called SearchLeak.

Open this event on the live map →
More events in Critical Infrastructure
More events in United States
Browse the full record →