Researchers have said that Microsoft Copilot had a critical zero-click AI vulnerability that was fixed before hackers stole sensitive data.

Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability.

Data Risk Report reveals AI tools and SaaS apps led to millions of data losses in 2024. Proactive security is critical.

The vulnerability, called “EchoLeak,” lets attackers “automatically exfiltrate sensitive and proprietary information” from Microsoft 365 Copilot without knowledge of the user, according to findings ...

Users of Microsoft 365 Copilot were threatened by a critical security vulnerability for months. The AI assistant for company software could be tricked into disclosing sensitive and other information.

In a world first, researchers from Aim Labs have identified a critical zero-click vulnerability in Microsoft 365 Copilot that can lead to the exfiltration of sensitive corporate data with a simple ...

Understanding the Microsoft Copilot Vulnerability Microsoft Copilot, an advanced AI-driven tool integrated into the Microsoft 365 suite, was designed to enhance productivity by assisting users in ...

TL;DR: Microsoft has patched a critical zero-click vulnerability in Copilot that allowed remote attackers to automatically exfiltrate sensitive user data simply by sending an email. Dubbed ...