News

Hosted on MSN20d
Microsoft Copilot Vulnerability Exposes Users to Zero-Click Cyber Threats - MSN
Understanding the Microsoft Copilot Vulnerability. Microsoft Copilot, an advanced AI-driven tool integrated into the Microsoft 365 suite, was designed to enhance productivity by assisting users in ...
Security researchers found a zero-click vulnerability in Microsoft 365 Copilot.
The vulnerability, called “EchoLeak,” lets attackers “automatically exfiltrate sensitive and proprietary information” from Microsoft 365 Copilot without knowledge of the user, according to findings ...
AOL22d
Exclusive: New Microsoft Copilot flaw signals broader risk of AI agents being hacked—‘I would be terrified’ - AOL
In the case of Microsoft 365 Copilot, the vulnerability lets a hacker trigger an attack simply by sending an email to a user, with no phishing or malware needed. Instead, ...
Infosecurity-magazine.com20d
Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft - Infosecurity Magazine
How Microsoft 365 Copilot Uses RAG and LLMs Microsoft 365 Copilot is an AI-powered productivity tool that integrates with apps such as Word, Excel, PowerPoint, Outlook and Teams. It utilizes LLMs – ...
First Known Zero-Click AI Exploit: Microsoft 365 Copilot’s ‘EchoLeak’ Flaw
Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability.
heise online21d
Critical vulnerability in Microsoft 365 Copilot shows risk of AI agents
Users of Microsoft 365 Copilot were threatened by a critical security vulnerability for months. The AI assistant for company software could be tricked into disclosing sensitive and other information.
The Hindu20d
Researchers discover zero-click vulnerability in Microsoft Copilot
Researchers have said that Microsoft Copilot had a critical zero-click AI vulnerability that was fixed before hackers stole sensitive data. Called ‘EchoLeak,’ the attack was mounted by Aim ...