Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability.

EchoLeak was the first known zero-click vulnerability in an AI assistant. It concerned Microsoft 365 Copilotwhich is integrated into several Office ...

Researchers have discovered the very first Zero-Click weak point in a AI assistant. Microsoft 365 Copilot allowed attackers ...

Microsoft has patched the critical 'EchoLeak' vulnerability in Microsoft 365 Copilot, a flaw that allowed attackers to ...

LLM-based AI agents are introducing a new class of vulnerabilities, where attackers inject malicious instructions into data, turning helpful systems into unwitting accomplices. Microsoft Copilot ...

What This Vulnerability Teaches Us About AI SecurityThe recent disclosure of EchoLeak by Aim Labs marks a significant milestone in AI security research. As the first documented zero-click exploit ...

Understanding the Human Side of Cyberattacks—and Why Schools Need Stronger Protection Cybersecurity in schools isn’t just ...

In a new special report entitled " Breaking down the infinite workday ," Microsoft describes how and why the never-ending ...

The vulnerability, called “EchoLeak,” lets attackers “automatically exfiltrate sensitive and proprietary information” from Microsoft 365 Copilot without knowledge of the user, according to findings ...

A critical AI vulnerability, 'EchoLeak,' was discovered in Microsoft 365 Copilot by Aim Labs researchers in January 2025.