Tag

Echoleak

All articles tagged with #echoleak

technology8 months ago•2 min saved

Critical Security Flaw in Microsoft 365 Copilot Raises Zero-Click Attack Concerns

Researchers uncovered 'EchoLeak,' a critical zero-click vulnerability in Microsoft 365 Copilot that allows silent exfiltration of sensitive data through prompt injection, highlighting emerging risks in AI-integrated enterprise systems. Microsoft fixed the flaw in May, with no evidence of exploitation, but the attack demonstrates the need for enhanced defenses against LLM scope violations.

via BleepingComputer|

#ai-vulnerability #data-exfiltration #echoleak

technology8 months ago•5 min saved

Microsoft Copilot flaw prompts urgent AI deployment concerns

Microsoft 365 Copilot, an AI tool integrated into Office applications, was found to have a critical security flaw called EchoLeak that allows zero-click attacks, potentially exposing sensitive data. Microsoft has fixed the issue, but the vulnerability highlights broader risks in AI agent design, prompting calls for fundamental system redesigns to improve security. Experts warn that similar vulnerabilities could affect other AI platforms, raising industry-wide concerns about deploying AI agents safely.

via Fortune|

#ai-security #ai-vulnerability #echoleak