News

Exclusive: New Microsoft Copilot flaw signals broader risk of AI agents being hacked—‘I would be terrified’
Microsoft 365 Copilot, the AI tool built into Microsoft Office workplace applications including Word, Excel, Outlook, ...
CSO Online15h
First-ever zero-click attack targets Microsoft 365 Copilot
A single email can silently trigger Copilot to exfiltrate sensitive corporate data — no clicks, no warnings, no user action.
Critical vulnerability in Microsoft 365 Copilot shows risk of AI agents
The M365 AI agent could be tricked into releasing sensitive information via email and without a mouse click. Microsoft has ...
Researchers Just Found a Big Security Flaw in Microsoft’s AI. Here’s Why Businesses Should Worry
Microsoft’s been inserting AI everywhere it can, including into some of the world’s most popular business productivity apps.
Microsoft 365 Copilot’s Data Exposed – Hit by Zero-Click Vulnerability
Security researchers at Aim Security discovered "EchoLeak", the first known zero-click artificial intelligence (AI) ...
How To Conduct Red Teaming Of AI Copilots
Here, I'll outline how CISOs can assign red teams to hunt for such files, some examples of real-world findings and suggested ...
Critical flaw in Microsoft Copilot could have allowed zero-click attack
Researchers said the vulnerability, dubbed “EchoLeak,” could allow a hacker to access data without any specific user ...
The Hacker News19h
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
Critical zero-click AI vulnerability EchoLeak exposed sensitive Microsoft 365 Copilot data; Microsoft patched it to prevent data leaks.
AI Security Alarm: Microsoft Copilot Vulnerability Exposed Sensitive Data via Zero-Click Email Exploit
Researchers uncover a critical AI flaw in Microsoft 365 Copilot, allowing silent data theft through email without any user ...
Aim Security details first known AI zero-click exploit targeting Microsoft 365 Copilot
Critically, according to Aim’s researchers, all of this happens behind the scenes. Users themselves don’t have to open the ...