The researchers at Aim Security dubbed the flaw “EchoLeak.” Microsoft told Fortune that it has already fixed the issue in Microsoft 365 Copilot and that its customers were unaffected.

Microsoft has chosen not to tell customers about a recently patched vulnerability in M365 Copilot. The issue allowed M365 ...

Microsoft Copilot’s audit log flaw creates blind spots for attackers, leaving security teams struggling to trace activity. Enterprises must act fast.

Today is Microsoft's August 2025 Patch Tuesday, which includes security updates for 107 flaws, including one publicly ...

Microsoft fixed 111 vulnerabilities, including a Windows Kerberos zero-day enabling full AD compromise via BadSuccessor.

Microsoft declined to comment on the GPT-5 references in Copilot, and the company isn’t commenting on its new smart mode, ...

Microsoft paid a record $17 million this year to 344 security researchers across 59 countries through its bug bounty program.

July 21 (UPI) -- An investigation is underway after hackers used a security flaw in Microsoft software to internationally infiltrate agencies and businesses over the weekend.

The bug, tracked as CVE-2025-31199, could allow hackers to access files in the Downloads folder, as well as caches utilized by Apple Intelligence. Microsoft dubbed the vulnerability “Sploitlight” ...