A novel cyber-attack method dubbed ConfusedPilot, which targets Retrieval-Augmented Generation (RAG) based AI systems like Microsoft 365 Copilot, has been identified by researchers at the University of Texas at Austin's SPARK Lab. The team, led by Professor Mohit Tiwari, CEO of Symmetry Systems, uncovered how attackers could manipulate AI-generated responses by introducing malicious content into documents the AI references. This could lead to misinformation and flawed decision-making across organizations. With 65% of Fortune 500 companies adopting or planning to implement RAG-based systems, the potential for widespread disruption is significant. The ConfusedPilot attack method requires only basic access to a target's environment and can persist even after the malicious content is removed.