Critical Copilot Vulnerability Let Hackers Steal 2FA Codes from Users
Original: Critical Copilot vulnerability allowed hackers to steal 2FA code from users
A critical Copilot flaw dubbed SearchLeak enabled attackers to steal two-factor authentication codes directly from users.
A critical vulnerability in Microsoft Copilot, named SearchLeak, allowed malicious actors to steal two-factor authentication codes from users — among the most sensitive short-lived credentials in any security workflow. The exploit exposes a recurring weakness in LLM-integrated products: AI assistants with broad data access create novel attack surfaces that conventional security models fail to contain. Ars Technica frames the incident as evidence of the AI industry's persistent, systemic inability to get ahead of LLM-specific security threats.
SearchLeak is a critical security vulnerability discovered in Microsoft Copilot that allowed malicious actors to steal two-factor authentication (2FA) codes directly from users. Covered by Ars Technica on June 16, 2026, the incident is framed not as an isolated bug but as a symptom of what the publication characterizes as repeated, systemic failure in how the AI industry approaches security for large language model (LLM)-powered products.
Summaries are AI-generated; the original article is authoritative.