Warning: AI can give your passwords to hackers. Prompt injection demo


AI agents like Microsoft Copilot can be exploited through prompt injection attacks, where hackers hide malicious instructions inside emails. A Radware demo shows how Copilot, when asked to summarize an email and create a Word document, unknowingly extracts and embeds hidden credentials from the email into the output document. The attacker never needs direct access — they just embed instructions in white text within an email. This vulnerability stems from AI agents being unable to distinguish between legitimate user instructions and attacker-injected commands. Hackers are increasingly leveraging AI to build attack tools and marketplaces, making these threats more accessible and widespread in 2026.

2m watch time
