Critical Copilot bug let hackers steal 2FA codes

Microsoft patched a max-critical vulnerability in M365 Copilot that allowed attackers to retrieve 2FA codes and sensitive data from emails. Researchers demonstrated a proof-of-concept exploit using markup language and HTML tags to bypass guardrails. The root cause is AI bots' inability to distinguish user instructions from instructions hidden in third-party content.