
New Attack Method Could Trick AI Assistants Into Leaking Your Work Data
Microsoft found that AI tools acting on your behalf can be tricked into sharing company information with outsiders.
Source
The Hacker News
Original headline: Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data
Plain-English summary by GetCyberRight. Read the full report at the source above.
Microsoft researchers discovered a new way that attackers can hijack AI agents that perform tasks on behalf of users. The attack works by poisoning the descriptions of tools that the AI uses.
When an AI agent reads these poisoned descriptions, it can be tricked into sending company data to an attacker. The concerning part is that the AI agent never technically breaks any rules, so security systems may not detect anything wrong. This affects people who use AI assistants at work, particularly tools that can access company emails, documents, calendars, or databases on your behalf. If your workplace has adopted AI agents that help schedule meetings, search files, or perform other tasks automatically, those systems could potentially be manipulated. The research comes from Microsoft Incident Response and its security teams.
Stay one step ahead of scammers
Weekly cybersecurity briefings for families. No spam, just the threats that matter and what to do about them.
If you use AI tools at work, be cautious about what data you allow them to access.
- Ask your IT department what AI tools are approved for company use and what safeguards are in place.
- Do not connect personal AI assistants to your work accounts or company data.
- Be suspicious if an AI assistant starts behaving strangely or asks for unusual permissions. Report this to your IT team immediately.
- Never share sensitive company information through AI chat tools unless your employer has specifically approved them. As AI assistants become more common at work and home, treat them like any other technology that handles your information. Only use AI tools from trusted companies, understand what data they can access, and pay attention when they ask for new permissions. The safest approach is to limit what information any AI tool can see to only what it absolutely needs to do its job.
Curated from trusted cybersecurity sources by GetCyberRight
Source: The Hacker NewsStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

Government and Critical Infrastructure Systems Targeted in Southeast Asia
A hacking group linked to China compromised at least 10 organizations in Southeast Asia, including two government-owned entities.
2 min read
Foreign Hackers Target Critical Infrastructure in Southeast Asia. What It Means for Safety.
A hacking group linked to China compromised at least 10 organizations in Southeast Asia, including state owned entities that manage critical systems affecting public services.
2 min readFake Venezuela Earthquake Charity Sites Steal Your Donations
Scammers created 212 fake charity websites in just five days after Venezuela's earthquake. Here's how to donate safely and protect your family.
3 min read212 Fake Disaster Relief Sites Created in Just 5 Days
Scammers registered 212 fake Venezuelan earthquake relief websites in five days. Here's how to protect yourself when donating after disasters.
3 min read