The “EchoLeak,” as the security flaw is known, is the first known AI security vulnerability that doesn’t require users to ...

Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability.

Learn how one overlooked flaw in OpenVSX discovered by Koi Secureity could've let attackers hijack millions of dev machines ...

Cybersecurity researchers uncover NightEagle APT exploiting zero-day in Microsoft Exchange servers, targeting government, ...

The Anthropic Model Context Protocol (MCP) Inspector project carried a critical-severity vulnerability which could have ...

A new report out today from unified identity security company Silverfort Inc. details a previously undisclosed ...

As AI tools become core to daily workflows, Microsoft has started tying employee evaluations to how effectively they use ...

Microsoft’s been inserting AI everywhere it can, including into some of the world’s most popular business productivity apps. Digital security researchers have revealed that there’s a ...

Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple email ...

Semperis, a provider of AI-powered identity security and cyber resilience, released new research into nOAuth known vulnerability in Microsoft’s Entra ID that enables full account takeover ...

The vulnerability involves a cross-tenant authentication flaw affecting Entra ID integrations – attackers could execute full account takeover with just access to an Entra tenant and the victim's email ...