News

First Known Zero-Click AI Exploit: Microsoft 365 Copilot’s ‘EchoLeak’ Flaw
Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user ...
Microsoft Copilot's own default configuration exposed users to the first-ever "zero-click" AI attack, but there was no data breach
Aim Labs recently shared findings about the first-ever zero-click AI attack impacting Microsoft 365 Copilot, though there's ...
Microsoft is prepping an AI Copilot for the Pentagon
Microsoft is preparing a version of its Copilot AI tool for the Pentagon as it nears a deal to add 1 million new users from a ...
Why Microsoft 365 Copilot is a “game changer” for startup engineers
FreePower’s VP of engineering shows how her team saves time processing massive amounts of data to focus on the next wave of ...
CSO Online1d
First-ever zero-click attack targets Microsoft 365 Copilot
A single email can silently trigger Copilot to exfiltrate sensitive corporate data — no clicks, no warnings, no user action.
Microsoft is working on a deal to add 1 million Copilot users from a single customer, exec says in internal meeting
Chief Commercial Officer Judson Althoff told employees in a recent meeting that the software giant is working on this big ...
Explore more
3 Microsoft Copilot Tricks Every Accountant Should Know in 2025
Learn 3 essential ways Microsoft Copilot can help CPAs automate tasks, uncover insights, and deliver more value to clients in ...
Security researchers found a zero-click vulnerability in Microsoft 365 Copilot.
The vulnerability, called “EchoLeak,” lets attackers “automatically exfiltrate sensitive and proprietary information” from Microsoft 365 Copilot without knowledge of the user, according to findings ...
Critical flaw in Microsoft Copilot could have allowed zero-click attack
Researchers said the vulnerability, dubbed “EchoLeak,” could allow a hacker to access data without any specific user ...