All posts tagged: Copilots

‘What a joke’: Github Copilot’s new token-based billing spurs consternation among devs

‘What a joke’: Github Copilot’s new token-based billing spurs consternation among devs

Published by skeptic

The golden age of Microsoft’s Github Copilot appears to be at an end — for the little guy, at least. The company is switching its billing system from a flat subscription rate to a token-usage system that has the potential to bill users at a significantly higher rate. Bigger enterprises may still have the juice for it, but smaller companies and workers could find themselves wondering how they’re supposed to balance the monthly budget. The changes, which will take place June 1, mean that users will charged based on how many tokens they burn through as they work instead of a low flat rate based on requests. Some developers with financial whiplash have taken to places like Reddit and X to bemoan what — in many cases — appears to be a drastic escalation in cost. “What a joke,” one Redditor recently wrote, claiming that, while they currently only pay around $29 per month, the new rate will balloon their costs to nearly $750 a month. “This new usage model is just stupidly expensive. I’m adjusting …

How a simple link allowed hackers to bypass Copilot’s security guardrails – and what Microsoft did about it

How a simple link allowed hackers to bypass Copilot’s security guardrails – and what Microsoft did about it

Published by skeptic

Ernesto r. Ageitos/Moment/Getty Images Follow ZDNET: Add us as a preferred source on Google. ZDNET’s key takeaways Dubbed “Reprompt,” the attack used a URL parameter to steal user data. A single click was enough to trigger the entire attack chain. Attackers could pull sensitive Copilot data, even after the window closed. Researchers have revealed a new attack that required only one click to execute, bypassing Microsoft Copilot security controls and enabling the theft of user data. Also: How to remove Copilot AI from Windows 11 today Meet Reprompt On Wednesday, Varonis Threat Labs published new research documenting Reprompt, a new attack method that affected Microsoft’s Copilot AI assistant. Reprompt impacted Microsoft Copilot Personal and, according to the team, gave “threat actors an invisible entry point to perform a data‑exfiltration chain that bypasses enterprise security controls entirely and accesses sensitive data without detection — all from one click.” Also: AI PCs aren’t selling, and Microsoft’s PC partners are scrambling No user interaction with Copilot or plugins was required for this attack to trigger. Instead, victims had …