Experts warn Microsoft Copilot Studio agents are being hijacked to steal OAuth tokens

CoPhish uses Copilot Studio agents to phish OAuth tokens via fake login flows Attackers exploit Microsoft domains to appear ...