{"href":"https://api.simplecast.com/oembed?url=https%3A%2F%2Fsecuritytools.simplecast.com%2Fepisodes%2Fcopilots-zero-click-vulnerability-6ZO0Dxzu","width":444,"version":"1.0","type":"rich","title":"Copilot's Zero-Click Vulnerability","thumbnail_width":300,"thumbnail_url":"https://image.simplecastcdn.com/images/59617cff-d258-400b-81f9-af733334da9f/c52cd99a-25d2-4ac1-ba5d-1fd490c79884/soc-podcastart.jpg","thumbnail_height":300,"provider_url":"https://simplecast.com","provider_name":"Simplecast","html":"<iframe src=\"https://player.simplecast.com/a3c94fd3-03e1-4921-aaa5-7b221c6df84e\" height=\"200\" width=\"100%\" title=\"Copilot&apos;s Zero-Click Vulnerability\" frameborder=\"0\" scrolling=\"no\"></iframe>","height":200,"description":"In this episode, Matt and David explore a recently patched Copilot vulnerability that allowed attackers to craft emails that prompted Copilot to send sensitive information to an attacker's server.\n\nThis prompt injection attack begs the question: What other vulnerabilities will AI bring to data?\n\nThey also follow up with Scattered Spider & Dragonforce's continued assault on UK Retail and how their tactics are beginning to spread to insurance organizations."}