MCP Hijacking of Cursor’s New Browser
13 November 2025
A new era requires a new set of solutions
Knostic delivers it
Use CasesMirror probing Copilot queries and surface the sensitive insights they could infer, fueling red-team reports that drive action.
The Scenario
AI tools like Copilot create a new recon layer for pentesters: indirect, inference-based data access. With a single chat, a standard user might uncover salary figures, M&A plans, or patient data. To take action, leadership demands evidence of risks, not just theories.
Knostic clones a real non-admin role (intern, contractor) so findings are grounded in actual user access.
A library of attacker-style questions probes HR, finance, legal, and IP topics through Copilot.
The platform links every answer back to its source, exposing how “harmless” fragments create leaks.
Sort between regulatory sensitivity, affected business units, and potential operational exposure.
Increase security by adjusting labels or ACLs with one click. Then test to make sure you stopped the leaks.
Show executives the exact prompts and leaked insights, not just IP addresses and hashes.
Captures data assembled from multiple files, which legacy DLP misses.
Use evidence-based insights to justify deeper red team campaigns or simulate attacker behaviors at scale.
Agentless testing means no noise or user disruption.
No agents, scripts, or custom code.
Together, these capabilities let pentesters expose real AI-driven gaps, and give defenders an instant roadmap to close them.
Core Capabilities
Connects to M365 and Copilot in minutes, enabling rapid red-team cycles.
Fires natural-language recon prompts and surfaces the sensitive insights Copilot reveals.
Generates a tamper-proof log of prompts, answers, and sources, perfect for post-engagement reports.
Flags DLP/RBAC failures, pushes fixes, and retests to prove remediation.
Turns each leak into an owner-assigned action plan.
