News

First Known Zero-Click AI Exploit: Microsoft 365 Copilot’s ‘EchoLeak’ Flaw
Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user ...
Microsoft is prepping an AI Copilot for the Pentagon
Microsoft is preparing a version of its Copilot AI tool for the Pentagon as it nears a deal to add 1 million new users from a ...
Researchers Just Found a Big Security Flaw in Microsoft’s AI. Here’s Why Businesses Should Worry
Microsoft’s been inserting AI everywhere it can, including into some of the world’s most popular business productivity apps.
Exclusive: New Microsoft Copilot flaw signals broader risk of AI agents being hacked—‘I would be terrified’
Microsoft 365 Copilot, the AI tool built into Microsoft Office workplace applications including Word, Excel, Outlook, ...
Aim Security details first known AI zero-click exploit targeting Microsoft 365 Copilot
Critically, according to Aim’s researchers, all of this happens behind the scenes. Users themselves don’t have to open the ...
SecurityWeek3d
‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot
Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data ...
Microsoft fixes first known zero-click attack on an AI agent
EchoLeak affected Microsoft 365 Copilot, the AI assistant integrated across several Office applications, including Word, ...
Microsoft’s AI security chief accidentally reveals Walmart’s AI plans after protest
Microsoft’s head of security for AI, Neta Haiby, accidentally revealed confidential messages about Walmart’s use of Microsoft ...
Microsoft Copilot targeted in first “zero-click” attack on an AI agent - what you need to know
Microsoft has fixed a dangerous zero-click attack in its Generative Artificial Intelligence (GenAI) model which could have ...
Microsoft’s Free Cyber Security Support to European Governments Reflects ‘Deep, Enduring, Unwavering’ Commitment
Microsoft is helping Europe fight AI-based cyberattacks with a free security program tailored for governments.
The Hacker News2d
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
Critical zero-click AI vulnerability EchoLeak exposed sensitive Microsoft 365 Copilot data; Microsoft patched it to prevent ...
Microsoft 365 Copilot’s Data Exposed – Hit by Zero-Click Vulnerability
Security researchers at Aim Security discovered "EchoLeak", the first known zero-click artificial intelligence (AI) vulnerability in Microsoft 365 Copilot ...