DiscoverCyberSpace PodcastCoPilot EchoLeak Bug | CyberSpace | S2E13
CoPilot EchoLeak Bug | CyberSpace | S2E13

CoPilot EchoLeak Bug | CyberSpace | S2E13

Update: 2025-06-19
Share

Description

Gen AI, LLMs and new applications of AI have created novel attack surfaces for attackers to probe, often looking to exfiltrate the hoards of sensitive data held in vector data stores. Luckily, the researchers got there first this time and discovered a super interesting attack sequence that tricks CoPilot into locating the most sensitive data it has access to, and then exfiltrating it to the attackers server. Josh, AJ and Vaughan take a look at this new bug in some depth, before looking at other geopolitical cyber developments and threat actor naming conventions.

Support the show

Comments 
In Channel
Citrix Bleed 2 | CyberSpace | S2E15

Citrix Bleed 2 | CyberSpace | S2E15

2025-07-0226:31

Messaging Apps, Disinformation & Ransomware Cleanup | CyberSpace | S2E14

Messaging Apps, Disinformation & Ransomware Cleanup | CyberSpace | S2E14

2025-06-2737:53

CoPilot EchoLeak Bug | CyberSpace | S2E13

CoPilot EchoLeak Bug | CyberSpace | S2E13

2025-06-1937:08

Ukraine Claims Devastating Hack while SentinelOne Catches Supply Chain Attack | CyberSpace | S2E12

Ukraine Claims Devastating Hack while SentinelOne Catches Supply Chain Attack | CyberSpace | S2E12

2025-06-1233:37

DanaBot Own Goal & M&S Breach Latest | CyberSpace | S2E11

DanaBot Own Goal & M&S Breach Latest | CyberSpace | S2E11

2025-05-2939:16

Scattered Spider Succeed with DragonForce | CyberSpace | S2E10

Scattered Spider Succeed with DragonForce | CyberSpace | S2E10

2025-05-0841:27

European Power Outage, Suspected Ivanti Zero-Day & Stats | CyberSpace | S2E9

European Power Outage, Suspected Ivanti Zero-Day & Stats | CyberSpace | S2E9

2025-04-3035:39

Application Security Special | CyberSpace | S2E8

Application Security Special | CyberSpace | S2E8

2025-04-2933:31

Dialysis Hack, Hertz Breach & China Names NSA Agents | CyberSpace | S2E7

Dialysis Hack, Hertz Breach & China Names NSA Agents | CyberSpace | S2E7

2025-04-1731:18

Are Ransomware Actors Abandoning Encryption? | CyberSpace | S2E6

Are Ransomware Actors Abandoning Encryption? | CyberSpace | S2E6

2025-04-0926:32

Oracle Breach(?) Update & SANS AI Summit Highlights | CyberSpace | S2E5

Oracle Breach(?) Update & SANS AI Summit Highlights | CyberSpace | S2E5

2025-04-0326:32

US Gov Signal Leak, Oracle Breach & Coinbase Compromise | CyberSpace | S2E4

US Gov Signal Leak, Oracle Breach & Coinbase Compromise | CyberSpace | S2E4

2025-04-0332:31

Chat GPT SSRF Exploit & GitHub Supply Chain Attack | CyberSpace | S2E3

Chat GPT SSRF Exploit & GitHub Supply Chain Attack | CyberSpace | S2E3

2025-03-2733:25

Kill Switches, Cobalt Strike, Space Hacks & LastPass | CyberSpace | S2E2

Kill Switches, Cobalt Strike, Space Hacks & LastPass | CyberSpace | S2E2

2025-03-1333:25

Bybit Heist, AI Leaks Secrets & US Stop Cyber Offensive | CyberSpace | S2E01

Bybit Heist, AI Leaks Secrets & US Stop Cyber Offensive | CyberSpace | S2E01

2025-03-0833:25

The Reckless Penetration Tester | 051 | CyberSpace

The Reckless Penetration Tester | 051 | CyberSpace

2024-12-0524:09

T-Mobile Hack & SOC Struggles | 049 | CyberSpace

T-Mobile Hack & SOC Struggles | 049 | CyberSpace

2024-11-2030:43

S3 Bucket Sniping & TPlink Botnets | 048 | CyberSpace

S3 Bucket Sniping & TPlink Botnets | 048 | CyberSpace

2024-11-0625:57

Prices Law in Cyber Security | EP046 | CyberSpace

Prices Law in Cyber Security | EP046 | CyberSpace

2024-10-2324:16

Cyber Security Recruiter AMA pt.2 | EP045 | CyberSpace

Cyber Security Recruiter AMA pt.2 | EP045 | CyberSpace

2024-10-0930:22

loading
Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

CoPilot EchoLeak Bug | CyberSpace | S2E13

CoPilot EchoLeak Bug | CyberSpace | S2E13

Empirical Training