On March 10, 2026, Microsoft patched CVE-2026-26144, a cross-site scripting (XSS) vulnerability in Excel. XSS in Office isn't anything new, but what makes this XSS different is what happens after the script executes.

The vulnerability chains with Copilot Agent mode. An attacker embeds a malicious payload in an Excel file. After a user opens it, the XSS fires without the user ever clicking anything. However, unlike most XSS attacks, which aim to steal a session cookie or redirect the user to a phishing site, this attack hijacks the Copilot Agent and silently exfiltrates data from the spreadsheet to an attacker-controlled endpoint: no user interaction, no visual prompt to indicate that anything had happened. The AI does the exfiltration for you. More here