Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user ...

Aim Labs recently shared findings about the first-ever zero-click AI attack impacting Microsoft 365 Copilot, though there's ...

A single email can silently trigger Copilot to exfiltrate sensitive corporate data — no clicks, no warnings, no user action.

Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple ...

Microsoft’s been inserting AI everywhere it can, including into some of the world’s most popular business productivity apps.

Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data ...

The M365 AI agent could be tricked into releasing sensitive information via email and without a mouse click. Microsoft has ...

Critically, according to Aim’s researchers, all of this happens behind the scenes. Users themselves don’t have to open the ...

Researchers uncover a critical AI flaw in Microsoft 365 Copilot, allowing silent data theft through email without any user ...

Security researchers at Aim Security discovered "EchoLeak", the first known zero-click artificial intelligence (AI) ...

EchoLeak affected Microsoft 365 Copilot, the AI assistant integrated across several Office applications, including Word, ...

EchoLeak was the first known zero-click vulnerability in an AI assistant. It concerned Microsoft 365 Copilotwhich is integrated into several Office ...