Microsoft 365 Copilot, the AI tool built into Microsoft Office workplace applications including Word, Excel, Outlook, ...

Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user ...

The M365 AI agent could be tricked into releasing sensitive information via email and without a mouse click. Microsoft has ...

Aim Security researchers found a zero-click vulnerability in Microsoft 365 Copilot that could have been exploited to have AI tools like RAG and AI agents hand over sensitive corporate data to ...

A critical security flaw in Microsoft 365 Copilot, an AI tool, highlights the increasing risk of AI agents being hacked.

Microsoft has fixed a dangerous zero-click attack in its Generative Artificial Intelligence (GenAI) model which could have ...

A critical AI vulnerability, 'EchoLeak,' was discovered in Microsoft 365 Copilot by Aim Labs researchers in January 2025.

Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data ...

Researchers said the vulnerability, dubbed “EchoLeak,” could allow a hacker to access data without any specific user ...

Security researchers at Aim Security discovered "EchoLeak", the first known zero-click artificial intelligence (AI) vulnerability in Microsoft 365 Copilot ...

A single email can silently trigger Copilot to exfiltrate sensitive corporate data — no clicks, no warnings, no user action.

A new attack dubbed 'EchoLeak' is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive ...