A "critical" Microsoft Copilot exploit exposes AI gullibility — turning the chatbot into a data snitch for 2FA codes and sensitive emails

windowscentral.com Jun 17, 2026

A “critical” Microsoft Copilot exploit exposes AI gullibility — turning the chatbot into a data snitch for 2FA codes and sensitive emails

Curated by Shubham · TechCapsules · Jun 17, 2026

AI-summarised brief · reviewed before publication

A significant vulnerability has been discovered in Microsoft Copilot, dubbed SearchLeak, which can steal personal and enterprise data. The vulnerability is a three-stage chain that turns Microsoft 365 Copilot Enterprise Search into a silent data exfiltration weapon. It works by sending a malicious link with a "q parameter" that Copilot's AI engine interprets as executable instructions, allowing attackers to exfiltrate sensitive data via Bing. The vulnerability has been patched, but it highlights the dangers of AI in enterprise and the evolving nature of AI-powered threats. Microsoft labelled the vulnerability "critical" and indicated it wasn't exploited.

💡 Why It Matters

· SearchLeak exposes the darker side of AI's ability to create new paths into systems, building on older weaknesses and remaining difficult for security teams to detect.
· It underscores the need for robust security measures to mitigate AI-specific vulnerabilities.

Read full article on windowscentral.com

Insight Health Joins AdvancedMD Marketplace to Bring Clinical AI Agents to Thousands…

Insight Health has joined the AdvancedMD Marketplace, making its AI-powered clinical agents available to thousands of independent practices and multi-specialty groups. This partnership aims to reduce the administrative burden in healthcare by automating front-office and documentation workflows. The integration will provide AdvancedMD users with access to Insight Health's suite of clinical agents, streamlining tasks and improving efficiency. The move is significant as it brings advanced technology to a large number of healthcare providers, potentially improving patient care and reducing costs. The partnership is expected to have a positive impact on the healthcare industry, with thousands of practices set to benefit from the new technology, and is a key development in the use of AI in healthcare, with the goal of reducing administrative tasks and enhancing clinical decision-making.

💡 By automating routine tasks, healthcare providers can focus on high-value tasks that improve patient outcomes. This integration also sets a precedent for wider adoption of AI-powered solutions in healthcare, driving innovation and efficiency in the sector.

9to5google.com · Jun 18

Gemini for Android using Bubbles to let you multitask & continue chats

The Gemini overlay on Android has introduced Bubbles to enable multitasking and continuous conversations. Users can access this feature by starting a conversation from the Gemini overlay, which then minimizes into a Bubble featuring the spark logo when the screen is tapped elsewhere. Tapping the Bubble expands it back into the full Gemini overlay, allowing users to resume their conversation. This update aims to let users keep talking to Gemini while performing other tasks. The feature is currently available on Android 17 QPR1 Beta, although its wider rollout has not been confirmed. The update brings a similar experience to Gemini Live's floating waveform circle.

💡 By integrating Bubbles, Gemini enhances its usability and convenience, allowing for seamless conversation continuity. This streamlined experience strengthens Gemini's assistive capabilities.

en.sedaily.com · Jun 17

Hyundai E&C Launches Industry-First ChatGPT Sales Consultant, Opening AI Housing Era

Hyundai Engineering & Construction (000720.KS) is launching a groundbreaking service, the "Generative AI Sales Consultant," at its model houses, including "Hillstate Yangsan The Sky." This AI-powered tool, based on ChatGPT technology, allows for natural language responses and real-time calculations of complex subscription point scores. The service will be available 24/7 across multiple channels, including offline model houses and the company's integrated platforms. Hyundai E&C aims to revolutionize the housing industry with its AI housing innovation roadmap, covering sales consulting, residential space control, and hyper-personalized services.

💡 The launch of Hyundai E&C's Generative AI Sales Consultant marks a significant shift towards AI-driven residential services, blurring the lines between technology and living space. By integrating AI into every aspect of the housing process, Hyundai E&C is poised to redefine the concept of "home" and create a new standard for hyper-personalized living experiences.

philippinetimes.com · Jun 17

Musks Grok AI helped fire 2,000 missiles at Iran Pentagon

The US Department of War has designated xAIs data centers as critical national security infrastructure, likening them to munitions production plants. This classification was made by the Pentagon's artificial intelligence chief in a sworn declaration as part of a lawsuit to restrict the operation of xAI's Colossus data centers in Memphis, Tennessee, over environmental concerns. The data centers, which house the Grok AI, are crucial for the US military's Palantir-developed Maven Smart Systems, enabling the deployment of over 2,000 munitions to 2,000 distinct targets within 96 hours.

💡 The Pentagon's reliance on xAIs data centers raises concerns about the militarization of AI and the potential for civilian casualties. The use of AI in military targeting, as seen in the Minab strike that killed nearly 160 schoolgirls, highlights the need for accountability and transparency in the development and deployment of AI systems.

freemalaysiatoday.com · Jun 17

Grok, a generative artificial intelligence chatbot developed by US artificial intelligence company…

Elon Musk's artificial intelligence tool Grok was used in US strikes against Iran, according to a US government legal briefing. The briefing defends gas turbines used by xAI, Musk's company, which are the target of an environmental lawsuit. The US justice department argues that shutting off the power supply would threaten national security. Grok is part of the US military's AI-assisted targeting program, Project Maven, which enabled efficient deployment of munitions during Operation Epic Fury. The Pentagon praises Grok's technology for increasing operational efficiency. The lawsuit accuses xAI of operating turbines without permits, violating the Clean Air Act.

💡 The use of Grok in military operations raises concerns about AI's role in warfare and its potential impact on human rights. Musk's involvement in the US military's AI pursuits also sparks debate about the ethics of AI development and its applications.

neowin.net · Jun 17

Microsoft’s Copilot Cowork now generally available with usage-based billing

Microsoft has made its Copilot Cowork service generally available worldwide for Microsoft 365 Copilot customers. This feature allows users to assign tasks to AI to complete in the background using organizational context. Copilot Cowork is 30-40% cheaper than Claude Cowork and runs on Anthropic models, with the option to use GPT-5.5 for Frontier customers. The service is billed separately through Copilot Credits, with pay-as-you-go pricing at $0.01 per credit. Microsoft provides IT teams with control over usage costs through spending limits and reporting.

💡 The widespread adoption of Copilot Cowork could revolutionize the way businesses utilize AI, enabling them to automate complex tasks and reduce costs. As the fastest-growing feature in Microsoft's Frontier program, its impact on the industry's efficiency and productivity will be significant.