ShareLeak: indirect prompt injection in Microsoft Copilot Studio exfiltrates customer records (CVE-2026-21520)
An indirect prompt injection flaw in Microsoft Copilot Studio let an unauthenticated attacker plant instructions in a public SharePoint form field that hijacked an AI agent into emailing connected customer records to an attacker address.