A critical zero-click vulnerability in Microsoft 365 Copilot, dubbed “EchoLeak,” enables attackers to automatically exfiltrate sensitive organizational data without requiring any user interaction. The vulnerability represents a significant breakthrough in AI security research, introducing a new class of attack called “LLM Scope Violation” that could affect other AI-powered applications beyond Microsoft’s platform. The EchoLeak attack […]
The post 0-Click Microsoft 365 Copilot Vulnerability Let Attackers Exfiltrates Sensitive Data Abusing Teams appeared first on Cyber Security News.
This article has been indexed from Cyber Security News