News

Bleeping Computer1mon
Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot
A new attack dubbed 'EchoLeak' is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from Microsoft 365 Copilot from a user's context without interaction.
Techzine Europe12d
Critical vulnerability discovered in Copilot Enterprise
Dutch cybersecurity company Eye Security has discovered a security vulnerability in Microsoft Copilot Enterprise that allowed ...
Hosted on MSN1mon
Researchers find 'dangerous' AI data leak flaw in Microsoft 365 Copilot ...
A critical AI vulnerability, 'EchoLeak,' was discovered in Microsoft 365 Copilot by Aim Labs researchers in January 2025. This flaw allowed attackers to exfiltrate sensitive user data through ...
CSOonline1mon
First-ever zero-click attack targets Microsoft 365 Copilot
Copilot processes it silently, follows hidden prompts, digs through internal files, and sends confidential data out, all while slipping past Microsoft’s security defenses, according to the ...
Hosted on MSN1mon
Microsoft Copilot's own default configuration exposed users to the ...
Aim Labs recently shared findings about the first-ever zero-click AI attack impacting Microsoft 365 Copilot, though there's no evidence bad actors managed to access sensitive user data.