Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user ...

A new attack dubbed 'EchoLeak' is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive ...

Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data ...

Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple ...

A critical AI vulnerability, 'EchoLeak,' was discovered in Microsoft 365 Copilot by Aim Labs researchers in January 2025.

Aim Labs recently shared findings about the first-ever zero-click AI attack impacting Microsoft 365 Copilot, though there's ...

Security researchers at Aim Security discovered "EchoLeak", the first known zero-click artificial intelligence (AI) vulnerability in Microsoft 365 Copilot ...

Discover the silent threat of EchoLeak, a new vulnerability in AI systems that can lead to data leakage without user ...

Echoleak is a new attack vector that exploits AI assistants by subtly manipulating prompts. The attack was executed without ...

A single email can silently trigger Copilot to exfiltrate sensitive corporate data — no clicks, no warnings, no user action.

For example, Copilot being able to connect to OneDrive and retrieving data from a file stored there to answer a user query would be considered an agentic action. As per the researchers, the attack was ...