German government CERT advisories reported multiple vulnerabilities affecting Microsoft 365 Copilot and Microsoft 365 Copilot Business Chat, including flaws that can lead to information disclosure. One advisory specifically identified Business Chat as vulnerable to several issues that could expose data, while a later advisory expanded the scope to Microsoft 365 Copilot more broadly.
The notices indicate that organizations using Microsoft’s AI-assisted productivity features may face risk from weaknesses in how Copilot components handle or expose information. Security teams should review Microsoft guidance and product-specific remediation for affected Copilot deployments, with particular attention to Business Chat instances where disclosure-related impact was explicitly highlighted.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
2 events from the most recent confirmed update back to the earliest known activity.
dCERT published Advisory 2026-1641 describing multiple vulnerabilities affecting Microsoft 365 Copilot.
dCERT published Advisory 2026-1389 covering multiple vulnerabilities in Microsoft 365 Copilot Business Chat that could allow information disclosure.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
2 references tracked. Mallory keeps watching after this page renders.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.