News

First Known ‘Zero-Click’ AI Exploit: Microsoft 365 Copilot’s EchoLeak Flaw
Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user ...
Infosecurity Magazine11h
Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft
Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple ...
Patch Tuesday: Microsoft Patches 68 Security Flaws, Including One for Targeted Espionage
Security experts offer their takes on some of the flaws, including a set of vulnerabilities that could enable remote code ...
Security researchers found a zero-click vulnerability in Microsoft 365 Copilot.
The vulnerability, called “EchoLeak,” lets attackers “automatically exfiltrate sensitive and proprietary information” from Microsoft 365 Copilot without knowledge of the user, according to findings ...
Trend Micro patches several worrying security flaws, so update now
Half a dozen flaws across different Trend Micro products were addressed, despite not being abused in the wild.
Over 80,000 Microsoft Entra ID accounts hit by password spraying attacks
Hackers are abusing a legitimate tool to target Entra ID accounts The password spraying attack targeted some 80,000 accounts ...
Microsoft confirms auth issues affecting Microsoft 365 users
Microsoft is investigating an ongoing incident that is causing users to experience errors with some Microsoft 365 authentication features.