News

SecurityWeek6d
‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot
Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data ...
ET CIO4d
The silent threat in your AI stack: Why EchoLeak is a wake-up call for CXOs
Discover the silent threat of EchoLeak, a new vulnerability in AI systems that can lead to data leakage without user ...
First Known Zero-Click AI Exploit: Microsoft 365 Copilot’s ‘EchoLeak’ Flaw
Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability.
Unite.AI1h
The Security Vulnerabilities We Built In: AI Agents and the Problem with Obedience
LLM-based AI agents are introducing a new class of vulnerabilities, where attackers inject malicious instructions into data, turning helpful systems into unwitting accomplices. Microsoft Copilot ...
Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot
A new attack dubbed 'EchoLeak' is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive ...
Researchers find 'dangerous' AI data leak flaw in Microsoft 365 Copilot: What the company has to say
A critical AI vulnerability, 'EchoLeak,' was discovered in Microsoft 365 Copilot by Aim Labs researchers in January 2025.
Hackers successfully attacked an AI agent, Microsoft fixed the flaw: Here’s why it’s scary
It didn’t start with a ransom note, there were no system crashes, no screens held hostage.Just an AI assistant, Microsoft ...
Microsoft fixes first known zero-click attack on an AI agent
EchoLeak affected Microsoft 365 Copilot, the AI assistant integrated across several Office applications, including Word, ...
Microsoft 365 Copilot’s Data Exposed – Hit by Zero-Click Vulnerability
Security researchers at Aim Security discovered "EchoLeak", the first known zero-click artificial intelligence (AI) ...