Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user ...

Security researchers Aim Labs discovered an LLM Scope Violation flaw in Microsoft 365 Copilot The critical-severity bug ...

A single email can silently trigger Copilot to exfiltrate sensitive corporate data — no clicks, no warnings, no user action.

Aim Labs recently shared findings about the first-ever zero-click AI attack impacting Microsoft 365 Copilot, though there's ...

Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data ...

Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple ...

Critically, according to Aim’s researchers, all of this happens behind the scenes. Users themselves don’t have to open the ...

EchoLeak affected Microsoft 365 Copilot, the AI assistant integrated across several Office applications, including Word, ...

Security researchers at Aim Security discovered "EchoLeak", the first known zero-click artificial intelligence (AI) ...

Researchers said the vulnerability, dubbed “EchoLeak,” could allow a hacker to access data without any specific user ...

Echoleak is a new attack vector that exploits AI assistants by subtly manipulating prompts. The attack was executed without ...

Researchers have said that Microsoft Copilot had a critical zero-click AI vulnerability that was fixed before hackers stole ...