bug-bounty545
xss379
exploit255
google204
rce179
facebook161
writeup134
microsoft129
web3122
open-source91
csrf89
cve84
account-takeover78
apple75
browser71
sqli65
malware64
ai-agents63
ssrf56
tool46
privacy44
dos44
cloudflare43
oauth41
pentest41
privilege-escalation40
ctf40
lfi39
llm37
aws36
idor35
supply-chain35
opinion35
phishing33
react33
automation33
auth-bypass33
cors32
machine-learning32
clickjacking31
reverse-engineering31
infrastructure31
code-generation31
cloud30
node30
race-condition29
access-control27
wordpress25
subdomain-takeover25
postmessage24
0
2/10
Microsoft's latest Copilot update forces all clicked links to open in a side panel powered by Edge's rendering engine rather than the user's chosen default browser, bypassing user settings and privacy controls. The feature is framed as 'context preservation' but effectively locks users into Microsoft's ecosystem without explicit opt-in.
browser-hijacking
default-browser-override
microsoft-copilot
privacy-concern
context-preservation
edge-browser
windows-insider
user-tracking
ecosystem-lock-in
Microsoft Copilot
Microsoft Edge
Windows Insider
Ken Macon
Reclaim The Net