Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability.

Researchers have said that Microsoft Copilot had a critical zero-click AI vulnerability that was fixed before hackers stole sensitive data.

Security researchers at Aim Security discovered "EchoLeak", the first known zero-click artificial intelligence (AI) ...

Discovered by Aim Security, it’s the first documented zero-click attack on an AI agent, exposing the invisible risks lurking in the AI tools we use every day. One crafted email is all it takes.

EchoLeak affected Microsoft 365 Copilot, the AI assistant integrated across several Office applications, including Word, ...

Microsoft has fixed a dangerous zero-click attack in its Generative Artificial Intelligence (GenAI) model which could have allowed threat actors to silently exfiltrate sensitive corporate data ...

A new attack dubbed 'EchoLeak' is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from Microsoft 365 Copilot from a user's context without interaction.

Critical flaw in Microsoft Copilot could have allowed zero-click attack. Microsoft CEO Satya Nadella speaks during the OpenAI DevDay event on November 06, 2023 in San Francisco, California.

Aim Labs recently shared findings about the first-ever zero-click AI attack impacting Microsoft 365 Copilot, though there's no evidence bad actors managed to access sensitive user data.

More and more companies are introducing AI systems such as . Microsoft 365 Copilot, but security company Aim Security has recently demonstrated that a zero-click attack is possible, in which ...