Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability.

Microsoft has fixed a dangerous zero-click attack in its Generative Artificial Intelligence (GenAI) model which could have allowed threat actors to silently exfiltrate sensitive corporate data without ...

Dubbed "EchoLeak," the security flaw is being described by cybersecurity researchers as the first known zero-click attack targeting an AI assistant.

The vulnerability, called “EchoLeak,” lets attackers “automatically exfiltrate sensitive and proprietary information” from Microsoft 365 Copilot without knowledge of the user, according to findings ...

Microsoft 365 Copilot, the AI tool built into Microsoft Office workplace applications including Word, Excel, Outlook, PowerPoint, and Teams, harbored a critical security flaw that, according to ...

Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple email ...

The Anthropic Model Context Protocol (MCP) Inspector project carried a critical-severity vulnerability which could have ...

Digital security researchers have revealed that there’s a vulnerability built into Microsoft’s Copilot —the big tech company’s landmark AI system, which it has built into familiar ...

As AI tools become core to daily workflows, Microsoft has started tying employee evaluations to how effectively they use ...