#echoleak — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #echoleak, aggregated by home.social.
-
https://www.tkhunt.com/2287450/ SP-047 徹底解説:エンタープライズ自律型AIエージェント セキュリティフレームワーク|7統制領域×35 NIST統制×4大実例 #AgenticAi #AI #AIAgent #AIGovernance #AIエージェント #AIガバナンス #AIセキュリティ #AmazonQ #ArtificialIntelligence #ASI01 #ASI02 #ASI09 #CISO #Copilot #Cybersecurity #EchoLeak #LangChain #LangGraph #MITREATLAS #NIST80053 #OpenSecurityArchitecture #OWASP #Replit #SP047 #TrustAISecurity #エージェントセキュリティ #エージェント型AI #エンタープライズセキュリティ #サイバーセキュリティ #プロンプトインジェクション #人工知能 #自律型AI
-
https://www.tkhunt.com/2287450/ SP-047 徹底解説:エンタープライズ自律型AIエージェント セキュリティフレームワーク|7統制領域×35 NIST統制×4大実例 #AgenticAi #AI #AIAgent #AIGovernance #AIエージェント #AIガバナンス #AIセキュリティ #AmazonQ #ArtificialIntelligence #ASI01 #ASI02 #ASI09 #CISO #Copilot #Cybersecurity #EchoLeak #LangChain #LangGraph #MITREATLAS #NIST80053 #OpenSecurityArchitecture #OWASP #Replit #SP047 #TrustAISecurity #エージェントセキュリティ #エージェント型AI #エンタープライズセキュリティ #サイバーセキュリティ #プロンプトインジェクション #人工知能 #自律型AI
-
https://www.tkhunt.com/2287450/ SP-047 徹底解説:エンタープライズ自律型AIエージェント セキュリティフレームワーク|7統制領域×35 NIST統制×4大実例 #AgenticAi #AI #AIAgent #AIGovernance #AIエージェント #AIガバナンス #AIセキュリティ #AmazonQ #ArtificialIntelligence #ASI01 #ASI02 #ASI09 #CISO #Copilot #Cybersecurity #EchoLeak #LangChain #LangGraph #MITREATLAS #NIST80053 #OpenSecurityArchitecture #OWASP #Replit #SP047 #TrustAISecurity #エージェントセキュリティ #エージェント型AI #エンタープライズセキュリティ #サイバーセキュリティ #プロンプトインジェクション #人工知能 #自律型AI
-
https://www.tkhunt.com/2287450/ SP-047 徹底解説:エンタープライズ自律型AIエージェント セキュリティフレームワーク|7統制領域×35 NIST統制×4大実例 #AgenticAi #AI #AIAgent #AIGovernance #AIエージェント #AIガバナンス #AIセキュリティ #AmazonQ #ArtificialIntelligence #ASI01 #ASI02 #ASI09 #CISO #Copilot #Cybersecurity #EchoLeak #LangChain #LangGraph #MITREATLAS #NIST80053 #OpenSecurityArchitecture #OWASP #Replit #SP047 #TrustAISecurity #エージェントセキュリティ #エージェント型AI #エンタープライズセキュリティ #サイバーセキュリティ #プロンプトインジェクション #人工知能 #自律型AI
-
https://www.tkhunt.com/2287450/ SP-047 徹底解説:エンタープライズ自律型AIエージェント セキュリティフレームワーク|7統制領域×35 NIST統制×4大実例 #AgenticAi #AI #AIAgent #AIGovernance #AIエージェント #AIガバナンス #AIセキュリティ #AmazonQ #ArtificialIntelligence #ASI01 #ASI02 #ASI09 #CISO #Copilot #Cybersecurity #EchoLeak #LangChain #LangGraph #MITREATLAS #NIST80053 #OpenSecurityArchitecture #OWASP #Replit #SP047 #TrustAISecurity #エージェントセキュリティ #エージェント型AI #エンタープライズセキュリティ #サイバーセキュリティ #プロンプトインジェクション #人工知能 #自律型AI
-
ShadowLeak Exploit Exposed Gmail Data Through ChatGPT Agent https://hackread.com/shadowleak-exploit-exposed-gmail-data-chatgpt-agent/ #ArtificialIntelligence #Cybersecurity #Vulnerability #AgentFlayer #ShadowLeak #ZeroClick #Security #EchoLeak #ChatGPT #Redware #OpenAI #gmail #AI
-
ShadowLeak Exploit Exposed Gmail Data Through ChatGPT Agent https://hackread.com/shadowleak-exploit-exposed-gmail-data-chatgpt-agent/ #ArtificialIntelligence #Cybersecurity #Vulnerability #AgentFlayer #ShadowLeak #ZeroClick #Security #EchoLeak #ChatGPT #Redware #OpenAI #gmail #AI
-
ShadowLeak Exploit Exposed Gmail Data Through ChatGPT Agent https://hackread.com/shadowleak-exploit-exposed-gmail-data-chatgpt-agent/ #ArtificialIntelligence #Cybersecurity #Vulnerability #AgentFlayer #ShadowLeak #ZeroClick #Security #EchoLeak #ChatGPT #Redware #OpenAI #gmail #AI
-
ShadowLeak Exploit Exposed Gmail Data Through ChatGPT Agent https://hackread.com/shadowleak-exploit-exposed-gmail-data-chatgpt-agent/ #ArtificialIntelligence #Cybersecurity #Vulnerability #AgentFlayer #ShadowLeak #ZeroClick #Security #EchoLeak #ChatGPT #Redware #OpenAI #gmail #AI
-
AgentFlayer 0-click exploit abuses ChatGPT Connectors to Steal 3rd-party app data – Source:hackread.com https://ciso2ciso.com/agentflayer-0-click-exploit-abuses-chatgpt-connectors-to-steal-3rd-party-app-data-sourcehackread-com/ #1CyberSecurityNewsPost #artificialintelligence #CyberSecurityNews #cybersecurity #Vulnerability #AgentFlayer #BlackHat #EchoLeak #Hackread #security #Chatgpt #Zenity #AI
-
AgentFlayer 0-click exploit abuses ChatGPT Connectors to Steal 3rd-party app data – Source:hackread.com https://ciso2ciso.com/agentflayer-0-click-exploit-abuses-chatgpt-connectors-to-steal-3rd-party-app-data-sourcehackread-com/ #1CyberSecurityNewsPost #artificialintelligence #CyberSecurityNews #cybersecurity #Vulnerability #AgentFlayer #BlackHat #EchoLeak #Hackread #security #Chatgpt #Zenity #AI
-
AgentFlayer 0-click exploit abuses ChatGPT Connectors to Steal 3rd-party app data – Source:hackread.com https://ciso2ciso.com/agentflayer-0-click-exploit-abuses-chatgpt-connectors-to-steal-3rd-party-app-data-sourcehackread-com/ #1CyberSecurityNewsPost #artificialintelligence #CyberSecurityNews #cybersecurity #Vulnerability #AgentFlayer #BlackHat #EchoLeak #Hackread #security #Chatgpt #Zenity #AI
-
AgentFlayer 0-click exploit abuses ChatGPT Connectors to Steal 3rd-party app data – Source:hackread.com https://ciso2ciso.com/agentflayer-0-click-exploit-abuses-chatgpt-connectors-to-steal-3rd-party-app-data-sourcehackread-com/ #1CyberSecurityNewsPost #artificialintelligence #CyberSecurityNews #cybersecurity #Vulnerability #AgentFlayer #BlackHat #EchoLeak #Hackread #security #Chatgpt #Zenity #AI
-
AgentFlayer 0-click exploit abuses ChatGPT Connectors to Steal 3rd-party app data https://hackread.com/agentflayer-0-click-exploit-chatgpt-connectors-steal-data/ #ArtificialIntelligence #Cybersecurity #Vulnerability #AgentFlayer #Security #BlackHat #EchoLeak #ChatGPT #Zenity #AI
-
AgentFlayer 0-click exploit abuses ChatGPT Connectors to Steal 3rd-party app data https://hackread.com/agentflayer-0-click-exploit-chatgpt-connectors-steal-data/ #ArtificialIntelligence #Cybersecurity #Vulnerability #AgentFlayer #Security #BlackHat #EchoLeak #ChatGPT #Zenity #AI
-
AgentFlayer 0-click exploit abuses ChatGPT Connectors to Steal 3rd-party app data https://hackread.com/agentflayer-0-click-exploit-chatgpt-connectors-steal-data/ #ArtificialIntelligence #Cybersecurity #Vulnerability #AgentFlayer #Security #BlackHat #EchoLeak #ChatGPT #Zenity #AI
-
AgentFlayer 0-click exploit abuses ChatGPT Connectors to Steal 3rd-party app data https://hackread.com/agentflayer-0-click-exploit-chatgpt-connectors-steal-data/ #ArtificialIntelligence #Cybersecurity #Vulnerability #AgentFlayer #Security #BlackHat #EchoLeak #ChatGPT #Zenity #AI
-
⚠️ How secure are the #AI systems used by your company? #EchoLeak has really been putting a spotlight on this issue—and the reality is that AI tools pose many risks to businesses. 😨
"AI tools are increasingly being embedded deep into business infrastructure — often alongside 'vague policies' or 'limited visibility into how they process and store data'", says Robert Rea, chief technical officer at #Graylog.
Kate O'Flaherty spoke about this challenge with several industry experts, in addition to Graylog's Robert Rea, including:
👉 Lillian Tsang at Harper James
👉 Emilio Pinna at SecureFlag
👉 Joseph Thompson at Birketts LLP
👉 Sam Peters at ISMS.onlineLearn about what it means to be risk aware when it comes to AI tools, and how to strengthen the AI governance strategies at your org. 👇
https://www.isms.online/cyber-security/echoleak-are-firms-complacent-about-the-risks-posed-by-ai/ #cybersecurity #artificialintelligence #AIsecurity #AItools #agenticAI
-
No Click. No Warning. Just a Data Leak.
Think your AI assistant is secure? Think again. The new EchoLeak exploit shows how Microsoft 365 Copilot, and tools like it, can silently expose your sensitive data without a single user interaction. No clicks. No downloads. Just a well-crafted email.
In this eye-opening blog, we break down how EchoLeak works, why prompt injection is a growing AI threat, and the 5 actions you need to take right now to protect your organization.
Read now: https://www.lmgsecurity.com/no-click-nightmare-how-echoleak-redefines-ai-data-security-threats/
#AIDataSecurity #Cyberaware #Cyber #SMB #Copilot #AI #GenAI #EchoLeak #PromptInjection #MicrosoftCopilot #Cybersecurity #CISO #ITsecurity #InfoSec #AISecurityRisks
-
Pierwsza podatność typu „zero-click” w Microsoft 365 Copilot. Dane wyciekały bez ingerencji użytkowników.
Badacze z Aim Security odkryli pierwszą podatność „zero-click” w agencie sztucznej inteligencji (AI). Microsoft 365 Copilot można było zmusić agenta do wyciekania poufnych danych organizacji bez ingerencji przez użytkownika – ofiarę. Wystarczyła wysyłka jednego, odpowiedniego spreparowanego maila. Podatność otrzymała oznaczenie CVE-2025-32711 z oceną CVSS 9.3 (krytyczna) i została ochrzczona przez...
#WBiegu #Ai #CPIA #Echoleak #Leak #Markdown #PromptInjection #Wyciek
-
Can Your AI Be Hacked by Email Alone?
No clicks. No downloads. Just one well-crafted email, and your Microsoft 365 Copilot could start leaking sensitive data.
In this week’s episode of Cyberside Chats, @sherridavidoff and @MDurrin discuss EchoLeak, a zero-click exploit that turns your AI into an unintentional insider threat. They also reveal a real-world case from LMG Security’s pen testing team where prompt injection let attackers extract hidden system prompts and override chatbot behavior in a live environment.
We’ll also share:
• How EchoLeak exposes a new class of AI vulnerabilities
• Prompt injection attacks that fooled real corporate systems
• Security strategies every organization should adopt now
• Why AI inputs need to be treated like code🎧 Listen to the podcast: https://www.chatcyberside.com/e/unmasking-echoleak-the-hidden-ai-threat/?token=90468a6c6732e5e2477f8eaaba565624
🎥 Watch the video: https://youtu.be/sFP25yH0sf4#EchoLeak #Cybersecurity #AIsecurity #Microsoft365 #Copilot #PromptInjection #CISO #InsiderThreats #GenAI #RiskManagement #CybersideChats
-
Can Your AI Be Hacked by Email Alone?
No clicks. No downloads. Just one well-crafted email, and your Microsoft 365 Copilot could start leaking sensitive data.
In this week’s episode of Cyberside Chats, @sherridavidoff and @MDurrin discuss EchoLeak, a zero-click exploit that turns your AI into an unintentional insider threat. They also reveal a real-world case from LMG Security’s pen testing team where prompt injection let attackers extract hidden system prompts and override chatbot behavior in a live environment.
We’ll also share:
• How EchoLeak exposes a new class of AI vulnerabilities
• Prompt injection attacks that fooled real corporate systems
• Security strategies every organization should adopt now
• Why AI inputs need to be treated like code🎧 Listen to the podcast: https://www.chatcyberside.com/e/unmasking-echoleak-the-hidden-ai-threat/?token=90468a6c6732e5e2477f8eaaba565624
🎥 Watch the video: https://youtu.be/sFP25yH0sf4#EchoLeak #Cybersecurity #AIsecurity #Microsoft365 #Copilot #PromptInjection #CISO #InsiderThreats #GenAI #RiskManagement #CybersideChats
-
Can Your AI Be Hacked by Email Alone?
No clicks. No downloads. Just one well-crafted email, and your Microsoft 365 Copilot could start leaking sensitive data.
In this week’s episode of Cyberside Chats, @sherridavidoff and @MDurrin discuss EchoLeak, a zero-click exploit that turns your AI into an unintentional insider threat. They also reveal a real-world case from LMG Security’s pen testing team where prompt injection let attackers extract hidden system prompts and override chatbot behavior in a live environment.
We’ll also share:
• How EchoLeak exposes a new class of AI vulnerabilities
• Prompt injection attacks that fooled real corporate systems
• Security strategies every organization should adopt now
• Why AI inputs need to be treated like code🎧 Listen to the podcast: https://www.chatcyberside.com/e/unmasking-echoleak-the-hidden-ai-threat/?token=90468a6c6732e5e2477f8eaaba565624
🎥 Watch the video: https://youtu.be/sFP25yH0sf4#EchoLeak #Cybersecurity #AIsecurity #Microsoft365 #Copilot #PromptInjection #CISO #InsiderThreats #GenAI #RiskManagement #CybersideChats
-
Can Your AI Be Hacked by Email Alone?
No clicks. No downloads. Just one well-crafted email, and your Microsoft 365 Copilot could start leaking sensitive data.
In this week’s episode of Cyberside Chats, @sherridavidoff and @MDurrin discuss EchoLeak, a zero-click exploit that turns your AI into an unintentional insider threat. They also reveal a real-world case from LMG Security’s pen testing team where prompt injection let attackers extract hidden system prompts and override chatbot behavior in a live environment.
We’ll also share:
• How EchoLeak exposes a new class of AI vulnerabilities
• Prompt injection attacks that fooled real corporate systems
• Security strategies every organization should adopt now
• Why AI inputs need to be treated like code🎧 Listen to the podcast: https://www.chatcyberside.com/e/unmasking-echoleak-the-hidden-ai-threat/?token=90468a6c6732e5e2477f8eaaba565624
🎥 Watch the video: https://youtu.be/sFP25yH0sf4#EchoLeak #Cybersecurity #AIsecurity #Microsoft365 #Copilot #PromptInjection #CISO #InsiderThreats #GenAI #RiskManagement #CybersideChats
-
Can Your AI Be Hacked by Email Alone?
No clicks. No downloads. Just one well-crafted email, and your Microsoft 365 Copilot could start leaking sensitive data.
In this week’s episode of Cyberside Chats, @sherridavidoff and @MDurrin discuss EchoLeak, a zero-click exploit that turns your AI into an unintentional insider threat. They also reveal a real-world case from LMG Security’s pen testing team where prompt injection let attackers extract hidden system prompts and override chatbot behavior in a live environment.
We’ll also share:
• How EchoLeak exposes a new class of AI vulnerabilities
• Prompt injection attacks that fooled real corporate systems
• Security strategies every organization should adopt now
• Why AI inputs need to be treated like code🎧 Listen to the podcast: https://www.chatcyberside.com/e/unmasking-echoleak-the-hidden-ai-threat/?token=90468a6c6732e5e2477f8eaaba565624
🎥 Watch the video: https://youtu.be/sFP25yH0sf4#EchoLeak #Cybersecurity #AIsecurity #Microsoft365 #Copilot #PromptInjection #CISO #InsiderThreats #GenAI #RiskManagement #CybersideChats
-
Nu har den kommit, den första sårbarheten i Copilot som kan användas för att genom att skicka ett mail extrahera känslig information från en organisation.
Mer information om sårbarheten echoleak (CVE-2025-32711) finns här:
https://www.aim.security/lp/aim-labs-echoleak-m365 -
LLM based agents cannot be secured if you 1) give them access to private data, 2) let them read untrusted content, and 3) allow them to communicate with the external world.
In his new blog post, Simon Willison writes a sharp & easy to understand summary about this "lethal trifecta for AI agents": https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/
M365 #Copilot hacks like #EchoLeak are nasty. But as Simon points out, once you combine different AI tools and #MCP to build your own agents, securing agents gets even harder.
-
Microsoft 365 Copilot: Critical 'EchoLeak' Flaw Turned Microsoft's Own AI Into Data Thief
#AI #AISecurity #Microsoft #Copilot #CyberSecurity #EchoLeak #Vulnerability #DataBreach #LLM #InfoSec #Microsoft365 #EnterpriseSecurity
-
Copilot happily executes attack instructions it finds in emails you receive. This bubble is going to burst.
-
Interesting video about a new prompt injection named #EchoLeak in #MSFT #Copilot: https://www.youtube.com/watch?v=1wfyJd6bekg
-
Die allererste Zero-Click-#Sicherheitslücke in einem #KI-Assistenten wurde gefunden. "#EchoLeak" veranlasste den #Microsoft365 #Copilot, sensible Daten offenzulegen & enthüllt ein grundlegendes Design-Problem. https://winfuture.de/news,151568.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
-
EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data – Source:hackread.com https://ciso2ciso.com/echoleak-zero-click-ai-attack-in-microsoft-copilot-exposes-company-data-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #MicrosoftCopilot #cybersecurity #Vulnerability #Microsoft365 #AiChatbot #Microsoft #ZeroClick #EchoLeak #Hackread #News
-
CVE-2025-32711 Vulnerability: “EchoLeak” Flaw in Microsoft 365 Copilot Could Enable a Zero-Click Attack on an AI Agent – Source: socprime.com https://ciso2ciso.com/cve-2025-32711-vulnerability-echoleak-flaw-in-microsoft-365-copilot-could-enable-a-zero-click-attack-on-an-ai-agent-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #CVE-2025-32711 #Latestthreats #Vulnerability #socprimecom #zeroclick #EchoLeak #socprime #Blog #CVE
-
"Aim Labs reported CVE-2025-32711 against Microsoft 365 Copilot back in January, and the fix is now rolled out.
This is an extended variant of the prompt injection exfiltration attacks we've seen in a dozen different products already: an attacker gets malicious instructions into an LLM system which cause it to access private data and then embed that in the URL of a Markdown link, hence stealing that data (to the attacker's own logging server) when that link is clicked.
The lethal trifecta strikes again! Any time a system combines access to private data with exposure to malicious tokens and an exfiltration vector you're going to see the same exact security issue.
In this case the first step is an "XPIA Bypass" - XPIA is the acronym Microsoft use for prompt injection (cross/indirect prompt injection attack). Copilot apparently has classifiers for these, but unsurprisingly these can easily be defeated:"
https://simonwillison.net/2025/Jun/11/echoleak/
#AI #GenerativeAI #CyberSecurity #EchoLeak #Microsoft #Microsof365Copilot #ZeroClickVulnerability #LLMs #PromptInjection #Markdown #Copilot
-
"Aim Labs reported CVE-2025-32711 against Microsoft 365 Copilot back in January, and the fix is now rolled out.
This is an extended variant of the prompt injection exfiltration attacks we've seen in a dozen different products already: an attacker gets malicious instructions into an LLM system which cause it to access private data and then embed that in the URL of a Markdown link, hence stealing that data (to the attacker's own logging server) when that link is clicked.
The lethal trifecta strikes again! Any time a system combines access to private data with exposure to malicious tokens and an exfiltration vector you're going to see the same exact security issue.
In this case the first step is an "XPIA Bypass" - XPIA is the acronym Microsoft use for prompt injection (cross/indirect prompt injection attack). Copilot apparently has classifiers for these, but unsurprisingly these can easily be defeated:"
https://simonwillison.net/2025/Jun/11/echoleak/
#AI #GenerativeAI #CyberSecurity #EchoLeak #Microsoft #Microsof365Copilot #ZeroClickVulnerability #LLMs #PromptInjection #Markdown #Copilot
-
"Aim Labs reported CVE-2025-32711 against Microsoft 365 Copilot back in January, and the fix is now rolled out.
This is an extended variant of the prompt injection exfiltration attacks we've seen in a dozen different products already: an attacker gets malicious instructions into an LLM system which cause it to access private data and then embed that in the URL of a Markdown link, hence stealing that data (to the attacker's own logging server) when that link is clicked.
The lethal trifecta strikes again! Any time a system combines access to private data with exposure to malicious tokens and an exfiltration vector you're going to see the same exact security issue.
In this case the first step is an "XPIA Bypass" - XPIA is the acronym Microsoft use for prompt injection (cross/indirect prompt injection attack). Copilot apparently has classifiers for these, but unsurprisingly these can easily be defeated:"
https://simonwillison.net/2025/Jun/11/echoleak/
#AI #GenerativeAI #CyberSecurity #EchoLeak #Microsoft #Microsof365Copilot #ZeroClickVulnerability #LLMs #PromptInjection #Markdown #Copilot
-
"Aim Labs reported CVE-2025-32711 against Microsoft 365 Copilot back in January, and the fix is now rolled out.
This is an extended variant of the prompt injection exfiltration attacks we've seen in a dozen different products already: an attacker gets malicious instructions into an LLM system which cause it to access private data and then embed that in the URL of a Markdown link, hence stealing that data (to the attacker's own logging server) when that link is clicked.
The lethal trifecta strikes again! Any time a system combines access to private data with exposure to malicious tokens and an exfiltration vector you're going to see the same exact security issue.
In this case the first step is an "XPIA Bypass" - XPIA is the acronym Microsoft use for prompt injection (cross/indirect prompt injection attack). Copilot apparently has classifiers for these, but unsurprisingly these can easily be defeated:"
https://simonwillison.net/2025/Jun/11/echoleak/
#AI #GenerativeAI #CyberSecurity #EchoLeak #Microsoft #Microsof365Copilot #ZeroClickVulnerability #LLMs #PromptInjection #Markdown #Copilot
-
"Aim Labs reported CVE-2025-32711 against Microsoft 365 Copilot back in January, and the fix is now rolled out.
This is an extended variant of the prompt injection exfiltration attacks we've seen in a dozen different products already: an attacker gets malicious instructions into an LLM system which cause it to access private data and then embed that in the URL of a Markdown link, hence stealing that data (to the attacker's own logging server) when that link is clicked.
The lethal trifecta strikes again! Any time a system combines access to private data with exposure to malicious tokens and an exfiltration vector you're going to see the same exact security issue.
In this case the first step is an "XPIA Bypass" - XPIA is the acronym Microsoft use for prompt injection (cross/indirect prompt injection attack). Copilot apparently has classifiers for these, but unsurprisingly these can easily be defeated:"
https://simonwillison.net/2025/Jun/11/echoleak/
#AI #GenerativeAI #CyberSecurity #EchoLeak #Microsoft #Microsof365Copilot #ZeroClickVulnerability #LLMs #PromptInjection #Markdown #Copilot
-
EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data https://hackread.com/zero-click-ai-flaw-microsoft-365-copilot-expose-data/ #MicrosoftCopilot #Cybersecurity #Vulnerability #Microsoft365 #AiChatbot #Microsoft #ZeroClick #EchoLeak #News
-
A zero-click flaw in #Microsoft365Copilot, dubbed #EchoLeak, lets attackers steal company data through a single email, no user action needed. AI assistants now pose real risks.
Read: https://hackread.com/zero-click-ai-flaw-microsoft-365-copilot-expose-data/
-
‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot https://www.securityweek.com/echoleak-ai-attack-enabled-theft-of-sensitive-data-via-microsoft-365-copilot/ #ArtificialIntelligence #Microsoft365 #EchoLeak #Copilot #AI
-
‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot https://www.securityweek.com/echoleak-ai-attack-enabled-theft-of-sensitive-data-via-microsoft-365-copilot/ #ArtificialIntelligence #Microsoft365 #EchoLeak #Copilot #AI
-
Kritische Sicherheitslücke in #Microsoft365 #Copilot zeigt Risiko von KI-Agenten | heise online https://www.heise.de/news/Kritische-Sicherheitsluecke-in-Microsoft-365-Copilot-zeigt-Risiko-von-KI-Agenten-10441034.html #EchoLeak #ArtificialIntelligence
-
#Microsoft 365 #Copilot had a critical security flaw called #EchoLeak: the first #AI #zeroclick attack allowed hackers to #access sensitive information by sending an #email to a user. https://fortune.com/2025/06/11/microsoft-copilot-vulnerability-ai-agents-echoleak-hacking/?eicker.news #tech #media #news
-
EchoLeak – 0-Click AI Vulnerability Enabling Data Exfiltration from 365 Copilot
https://www.aim.security/lp/aim-labs-echoleak-blogpost
#HackerNews #EchoLeak #AI #Vulnerability #DataExfiltration #365Copilot #Cybersecurity