News

Microsoft 365 Copilot Vulnerable to Zero-Click EchoLeak Exploit, Cybersecurity Researchers Say
For example, Copilot being able to connect to OneDrive and retrieving data from a file stored there to answer a user query would be considered an agentic action. As per the researchers, the attack was ...
CSO Online2h
First-ever zero-click attack targets Microsoft 365 Copilot
A single email can silently trigger Copilot to exfiltrate sensitive corporate data — no clicks, no warnings, no user action.
SecurityWeek4h
‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot
Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data ...
Windows 11 24H2 emergency update fixes Easy Anti-Cheat BSOD issue
Microsoft has released an emergency Windows 11 24H2 update to address an incompatibility issue triggering restarts with blue ...
Microsoft's Copilot Vision can now see and analyze any open file or app on your PC
No longer restricted to just Edge, Copilot Vision can now field questions on any file, app, window, or webpage you choose to ...
Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot
A new attack dubbed 'EchoLeak' is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from Microsoft 365 Copilot from a user's context without interaction.