News

First Known ‘Zero-Click’ AI Exploit: Microsoft 365 Copilot’s EchoLeak Flaw
Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user ...
Microsoft Copilot's own default configuration exposed users to the first-ever "zero-click" AI attack, but there was no data breach
Aim Labs recently shared findings about the first-ever zero-click AI attack impacting Microsoft 365 Copilot, though there's ...
Why Microsoft 365 Copilot is a “game changer” for startup engineers
FreePower’s VP of engineering shows how her team saves time processing massive amounts of data to focus on the next wave of ...
Microsoft is prepping an AI Copilot for the Pentagon
Microsoft is preparing a version of its Copilot AI tool for the Pentagon as it nears a deal to add 1 million new users from a ...
Infosecurity Magazine17h
Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft
Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple ...
Researchers find 'dangerous' AI data leak flaw in Microsoft 365 Copilot: What the company has to say
A critical AI vulnerability, 'EchoLeak,' was discovered in Microsoft 365 Copilot by Aim Labs researchers in January 2025.
Exclusive: New Microsoft Copilot flaw signals broader risk of AI agents being hacked—’I would be terrified’
Microsoft 365 Copilot, the AI tool built into Microsoft Office workplace applications including Word, Excel, Outlook, ...
Microsoft is working on a deal to add 1 million Copilot users from a single customer, exec says in internal meeting
Chief Commercial Officer Judson Althoff told employees in a recent meeting that the software giant is working on this big ...
SecurityWeek1d
‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot
Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data ...
Aim Security details first known AI zero-click exploit targeting Microsoft 365 Copilot
Critically, according to Aim’s researchers, all of this happens behind the scenes. Users themselves don’t have to open the ...
CSO Online1d
First-ever zero-click attack targets Microsoft 365 Copilot
A single email can silently trigger Copilot to exfiltrate sensitive corporate data — no clicks, no warnings, no user action.
Microsoft fixes first known zero-click attack on an AI agent
EchoLeak affected Microsoft 365 Copilot, the AI assistant integrated across several Office applications, including Word, ...