Researchers reveal how Microsoft Copilot can be manipulated by prompt injection attacks to generate convincing phishing messages inside trusted AI summaries.