June 16, 2026
Most organizations believe hallucinations are the biggest risk in enterprise AI. In reality, one of the most dangerous threats is something far less visible: Indirect Prompt Injection. In this episode, we explore how trusted documents, emails, SharePoint content, Teams conversations, and knowledge bases can become attack vectors that manipulate AI systems without ever compromising the underlying infrastructure.The episode examines why Retrieval-Augmented Generation (RAG), the foundation behind Microsoft 365 Copilot, Azure AI Foundry solutions, and many enterprise AI assistants, introduces an entirely new security challenge. Unlike traditional software, large language models cannot reliably separate data from instructions. Every piece of retrieved content becomes part of the model's context, allowing hidden commands, poisoned documents, metadata, and embedded instructions to influence AI behavior.Listeners will learn how indirect prompt injection works, why system prompts are n…