Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability.

In a world first, researchers from Aim Labs have identified a critical zero-click vulnerability in Microsoft 365 Copilot that can lead to the exfiltration of sensitive corporate data with a simple ...

The vulnerability, called “EchoLeak,” lets attackers “automatically exfiltrate sensitive and proprietary information” from Microsoft 365 Copilot without knowledge of the user, according to ...

A critical AI vulnerability, 'EchoLeak,' was discovered in Microsoft 365 Copilot by Aim Labs researchers in January 2025. This flaw allowed attackers to exfiltrate sensitive user data through ...

Explore Microsoft 365's June 2025 update, featuring AI-powered assistants, advanced security, and tools to simplify your ...

Understanding the Microsoft Copilot Vulnerability Microsoft Copilot, an advanced AI-driven tool integrated into the Microsoft 365 suite, was designed to enhance productivity by assisting users in ...

Microsoft 365 Copilot, the enterprise-focused artificial intelligence (AI) chatbot that works across Office apps, is vulnerable to a zero-click vulnerability.

Microsoft has patched the critical 'EchoLeak' vulnerability in Microsoft 365 Copilot, a flaw that allowed attackers to exfiltrate sensitive data via a single email and highlights a new class of AI ...