Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.

News > Attacks & Threats > Every Old Vulnerability Is Now an AI Vulnerability

Every Old Vulnerability Is Now an AI Vulnerability

AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones.

On March 10, 2026, Microsoft patched CVE-2026-26144, a cross-site scripting (XSS) vulnerability in Excel. XSS in Office isn't anything new, but what makes this XSS different is what happens after the script executes.

The vulnerability chains with Copilot Agent mode. An attacker embeds a malicious payload in an Excel file. After a user opens it, the XSS fires without the user ever clicking anything. However, unlike most XSS attacks, which aim to steal a session cookie or redirect the user to a phishing site, this attack hijacks the Copilot Agent and silently exfiltrates data from the spreadsheet to an attacker-controlled endpoint: no user interaction, no visual prompt to indicate that anything had happened. The AI does the exfiltration for you. More here

Similar Stories

A cryptomining incident highlights how AI gateways can provide access to AI models, cloud infrastructure, and identity and access management (IAM) data. More...

Microsoft signed a malicious kernel driver, and now it's being used to kill security software in ransomware attacks. More...

Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried? More...

An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and enc… More...

Does life feel Orwellian sometimes? One researcher has a solution for you: graphic tees that confuse the neural networks… More...

Have your say

 

News Categories

A cryptomining incident highlights how AI gateways can provide access to AI models, cloud infrastructure, and identity and access management (IAM) data. More...

Microsoft signed a malicious kernel driver, and now it's being used to kill security software in ransomware attacks. More...

Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried? More...

An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and enc… More...

Does life feel Orwellian sometimes? One researcher has a solution for you: graphic tees that confuse the neural networks… More...

image

Contact Us

Security Interest Group Switzerland
c/o Bridge Head AG
Sulzbergstrasse 34
5430 Wettingen
Switzerland

Follow Us

This website is powered by
ToucanTech