Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user ...

A single email can silently trigger Copilot to exfiltrate sensitive corporate data — no clicks, no warnings, no user action.

Aim Labs recently shared findings about the first-ever zero-click AI attack impacting Microsoft 365 Copilot, though there's ...

Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data ...

In an era where cloud-based solutions and artificial intelligence are the cornerstones of digital transformation, security vulnerabilities in these platforms ...

Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple ...

The vulnerability, called “EchoLeak,” lets attackers “automatically exfiltrate sensitive and proprietary information” from Microsoft 365 Copilot without knowledge of the user, according to findings ...

Critical zero-click AI vulnerability EchoLeak exposed sensitive Microsoft 365 Copilot data; Microsoft patched it to prevent data leaks.

Researchers have said that Microsoft Copilot had a critical zero-click AI vulnerability that was fixed before hackers stole ...

The M365 AI agent could be tricked into releasing sensitive information via email and without a mouse click. Microsoft has ...

Security researchers at Aim Security discovered "EchoLeak", the first known zero-click artificial intelligence (AI) vulnerability in Microsoft 365 Copilot ...

Researchers said the vulnerability, dubbed “EchoLeak,” could allow a hacker to access data without any specific user ...