New CoPhish technique wraps OAuth phishing in Microsoft Copilot

A new phishing technique called CoPhish has emerged, leveraging Microsoft Copilot to enhance OAuth phishing attacks. This innovative method tricks users into granting malicious apps access to their Microsoft accounts by mimicking legitimate Microsoft Copilot prompts. The attack exploits the trust users place in Microsoft’s AI assistant, increasing the likelihood of successful credential theft and unauthorized access. Cybersecurity experts warn that this technique represents a significant evolution in phishing tactics, combining social engineering with advanced AI-driven interfaces to deceive victims more effectively. Organizations and individuals are urged to remain vigilant, implement multi-factor authentication, and educate users about the risks of OAuth phishing and the importance of scrutinizing permission requests, even when they appear to come from trusted sources like Microsoft Copilot. This development underscores the need for continuous adaptation in cybersecurity defenses to counter increasingly sophisticated social engineering attacks.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Sat, 25 Oct 2025 16:20:56 +0000


Cyber News related to New CoPhish technique wraps OAuth phishing in Microsoft Copilot

Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
2 years ago Microsoft.com
10 Best Anti-Phishing Tools in 2025 - What is Good? Real-time email threat detection and response using AI and machine learning. Automates incident response to stop phishing attacks quickly. What Could Be Better? Limited customer support options. The training module is not entirely ...
6 months ago Cybersecuritynews.com
AI In Windows: Investigating Windows Copilot - With Microsoft's recent integration of Copilot into Windows, AI is even on the old stalwart of computing-the desktop. In this blog post, I'd like to share the results of my brief investigation into how Microsoft has integrated Copilot into its legacy ...
2 years ago Securityboulevard.com
Threat actors misuse OAuth applications to automate financially driven attacks - Threat actors are misusing OAuth applications as an automation tool in financially motivated attacks. Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious ...
2 years ago Microsoft.com
New CoPhish attack steals OAuth tokens via Copilot Studio agents - A new phishing campaign named CoPhish has been discovered targeting OAuth tokens through malicious Copilot Studio agents. This sophisticated attack exploits OAuth authorization flows to steal tokens, allowing attackers to gain unauthorized access to ...
3 months ago Bleepingcomputer.com CoPhish
Microsoft Copilot for Security: General Availability details - To help you seize this opportunity, we are excited to announce the general availability of Microsoft Copilot for Security on April 1st. This industry-leading product is the only generative AI solution that helps security and IT professionals amplify ...
1 year ago Techcommunity.microsoft.com
Microsoft Copilot for Security provides immediate impact for the Microsoft Defender Experts team - AI is quickly becoming a force multiplier-presenting significant opportunities for security teams to increase productivity, save time, upskill resources, and more. Microsoft Copilot for Security is already showing immediate impact for security teams ...
2 years ago Microsoft.com
Attackers Target Microsoft Accounts to Weaponize OAuth Apps - Threat actors are abusing organizations' weak authentication practices to create and exploit OAuth applications, often for financial gain, in a string of attacks that include various vectors, including cryptomining, phishing, and password spraying. ...
2 years ago Darkreading.com
Windows 11 tests sharing apps screen and files with Copilot AI - If you're a Windows Insider, you can try this feature by clicking the glasses icon in the Copilot app, selecting the browser or app you want to share the screen with, and then asking Copilot to help you out. This feature is rolling out to Windows ...
10 months ago Bleepingcomputer.com
Microsoft announces Security Copilot early access program - Microsoft announced this week that its ChatGPT-like Security Copilot AI assistant is now available in early access for some customers. Security Copilot, Redmond's AI-driven security analysis tool, makes it faster for security teams to counter threats ...
2 years ago Bleepingcomputer.com
Microsoft Disables Verified Partner Accounts Used for OAuth Phishing - Microsoft has disabled multiple fraudulent, verified Microsoft Partner Network accounts for creating malicious OAuth applications that breached organizations cloud environments to steal email. In a joint announcement between Microsoft and Proofpoint, ...
3 years ago Bleepingcomputer.com
Latest Information Security and Hacking Incidents - Prepare for a paradigm shift as Microsoft takes a giant leap forward with a game-changing announcement - the integration of an Artificial Intelligence key in their keyboards, the most substantial update in 30 years. This futuristic addition promises ...
2 years ago Cysecurity.news
Microsoft: March Windows updates mistakenly uninstall Copilot - Microsoft says the March 2025 Windows cumulative updates automatically and mistakenly remove the AI-powered Copilot digital assistant from some Windows 10 and Windows 11 systems. More recently, Microsoft announced that it's rolling out a new ...
10 months ago Bleepingcomputer.com
Microsoft Edge now an 'AI-powered browser' with Copilot Mode - Once Copilot Mode is enabled, the AI assistant will be able to analyze all open browser tabs with the user's permission, comparing information and assisting with various tasks, such as researching vacation rentals. Microsoft has introduced Copilot ...
6 months ago Bleepingcomputer.com
Microsoft: OAuth apps used to automate BEC and cryptomining attacks - Microsoft warns that financially-motivated threat actors are using OAuth applications to automate BEC and phishing attacks, push spam, and deploy VMs for cryptomining. OAuth is an open standard for granting apps secure delegated access to server ...
2 years ago Bleepingcomputer.com
Microsoft fixes Windows update bug that uninstalled Copilot - More recently, Microsoft started rolling out a new native Copilot app to Windows Insiders via the Microsoft Store and announced a press-to-talk feature enabling users to interact with Copilot using their voice when holding the Alt + Spacebar keyboard ...
10 months ago Bleepingcomputer.com
Microsoft Copilot for Security ready for takeoff (The Register) - Microsoft Copilot for Security, a subscription AI security service, will be generally available on April 1, 2024, the company announced on Wednesday. Its arrival on April Fool's Day is purely coincidental. As a measure of the company's commitment to ...
1 year ago Go.theregister.com
Data thieves abuse Microsoft's 'verified publisher' status (The Register) - Miscreants using malicious OAuth applications abused Microsoft's "Verified publisher" status to gain access to organizations' cloud environments, then steal data and pry into users' mailboxes, calendars, and meetings. According to researchers with ...
3 years ago Packetstormsecurity.com Lazarus Group
CoPhish Attack Exploits Copilot Studio to Bypass MFA and Steal Credentials - The recent CoPhish attack leverages the Copilot Studio platform to bypass multi-factor authentication (MFA) and steal user credentials, posing a significant threat to cybersecurity. This sophisticated phishing campaign exploits the trust users place ...
3 months ago Cybersecuritynews.com CoPhish
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
2 years ago Techrepublic.com
Hackers Abuse OAuth Applications to Automate Financial Attacks - OAuth is an industry-standard protocol that allows third-party applications to access a user's data without exposing login credentials. This standard protocol facilitates secure authorization and authentication, commonly used to access resources on ...
2 years ago Cybersecuritynews.com
What Is OAuth 2.0? - Scope of Access: Before OAuth, the meal planning app might have access to data that the user did not actually wish to share. No Way to Revoke Access: Before OAuth, the user could not easily restrict or revoke the meal planning app's access to their ...
2 years ago Feeds.dzone.com
Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns - Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. OAuth is an open standard authentication protocol that uses tokens to grant applications access to ...
2 years ago Helpnetsecurity.com Hunters
Windows 11 update KB5033375 released with upgraded Copilot AI-assistant - Microsoft has published a new update for Windows 11 versions 23H2 and 22H2 to fix security vulnerabilities and improve Copilot. 2861 and adds new features like Copilot for multiple displays and Alt-Tab. You can grab the Patch by going to Start > ...
2 years ago Bleepingcomputer.com