Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability.

Microsoft 365 Copilot, the AI tool built into Microsoft Office workplace applications including Word, Excel, Outlook, PowerPoint, and Teams, harbored a critical security flaw that, according to ...

Also, Microsoft noted that there's no evidence of any real-world exploitation, so this flaw impacted no customers. Microsoft 365 Copilot is an AI assistant built into Office apps like Word, Excel ...

Microsoft has since fixed the critical flaw and given it the identifier CVE-2025-32711. It also hasn’t been exploited in the wild. Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot ...

Microsoft 365 and Outlook users are being targeted by a tactic that injects fake billing alerts directly into their calendars ...

Microsoft 365 Copilot is an AI-powered productivity tool that integrates with apps such as Word, Excel, PowerPoint, Outlook and Teams. It utilizes LLMs – specifically, OpenAI’s GPT models – and the ...

Microsoft has fixed a dangerous zero-click attack in its Generative Artificial Intelligence (GenAI) model which could have allowed threat actors to silently exfiltrate sensitive corporate data without ...

Learn more about Microsoft's Secure Future and Initiative and eliminating high-privileged access across all Microsoft 365 ...

Microsoft has fixed 137 Windows security flaws, one publicly known Zero-Day vulnerability in the latest Patch Tuesday.

Once the update is fully rolled out, Defender for Office 365 will detect email bombing attacks and send those emails straight ...

Patch Tuesday: Microsoft Patches 68 Security Flaws, Including One for Targeted Espionage Your email has been sent WebDAV flaw actively exploited for targeted espionage Proof-of-concept exploit for ...