VentureBeat

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520, a CVSS 7.5 indirect prompt injection vulnerability, to Copilot Studio. Capsule Security discovered the flaw, coordinated disclosure with Microsoft, and the patch was ...
GitHub

GUI-explorer: Autonomous Exploration and Mining of Transition-aware Knowledge for GUI Agent

This is the github repository of GUI-explorer: Autonomous Exploration and Mining of Transition-aware Knowledge for GUI Agent. In this work, we propose GUI-explorer. It synergizes two key components: ...