CATEGORIES
home News

This Copilot Exploit Bypasses Safeguards, Steals Data, Even After Chat Is Closed

by Chris HarperThursday, January 15, 2026, 02:48 PM EDT
hero repilot exploit
As AI gets more heavily integrated into Windows, enhanced cybersecurity is required to prevent it from being used against us. Take Reprompt, for example. Reprompt is a Copilot exploit, that can use multi-stage prompts to steal user data, but thankfully it's already been patches. So as long as you haven't already been victimized and your Windows 11 Copilot is up-to-date, you have nothing to worry about at this point. However, the details of this exploit do give us a glimpse of what to expect from future attacks that successfully bypass AI safeguards, and based on the viewership of our previous Remove Windows AI tutorial, we wouldn't be surprised if some users would prefer to minimize risk altogether by avoiding OS agents entirely.

Here's how Repromt works. Reprompt starts with a legitimate URL that has a hidden malicious prompt. Once the user clicks, the attack progresses, even after they've closed the window. The attacker can then communicate directly with Copilot through an external server, and use the AI agent to exfiltrate data to send it back to the attackers. Since the AI has access to most of a user's personal information, attackers can prompt it to learn as much about the victim as possible, under the radar from detection.

diagram reprompt attack

This attack was originally disclosed to Microsoft on August 31st of last year and was finally patched on Tuesday, January 13th. While the issue only impacted Copilot Personal and left Microsoft 365 Copilot unaffected, that's still a long period of time for this vector of attack to have been available to malicious users. No reports of it being used in the wild have been shared by the original exploit finders Varonis or Microsoft, though, so fortunately the real-world impact of this one seems to have been minimal. At least, as far as we know.

Even so, it's difficult not to acknowledge just how concerning attacks of this nature actually are. It would seem AI agents hallucinating may be the least of our problems if Microsoft continues cramming AI features into every corner of Windows.

Tags:  Microsoft, exploit, copilot, cybersecurity, AI
Chris Harper

Chris Harper

Christopher Harper is a tech writer with over a decade of experience writing how-tos and news. Off work, he stays sharp with gym time & stylish action games.
TOP STORIES
Which New GPU Is For You?
More Results
KEEP INFORMED

Stay updated with the latest news and updates. Subscribe to our newsletter!

Subscribe Now
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2026 Hot Hardware Inc, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment