Reprompt flaw lets attackers hijack Copilot sessions via malicious prompts
Researchers exposed 'Reprompt', a flaw that injects commands via Copilot's URL q parameter to hijack an authenticated session and exfiltrate data, using P2P injection, double-request, and chain-request techniques; Microsoft patched the vulnerability on January 2026 Patch Tuesday, mainly affecting Copilot Personal rather than Microsoft 365 Copilot, and users should apply the latest Windows updates.