Tag

Echoleak

All articles tagged with #echoleak

Critical Security Flaw in Microsoft 365 Copilot Raises Zero-Click Attack Concerns

Originally Published 7 months ago — by BleepingComputer

Researchers uncovered 'EchoLeak,' a critical zero-click vulnerability in Microsoft 365 Copilot that allows silent exfiltration of sensitive data through prompt injection, highlighting emerging risks in AI-integrated enterprise systems. Microsoft fixed the flaw in May, with no evidence of exploitation, but the attack demonstrates the need for enhanced defenses against LLM scope violations.

business technology ai-vulnerability data-exfiltration echoleak microsoft-365-copilot prompt-injection technology

Microsoft Copilot flaw prompts urgent AI deployment concerns

Originally Published 7 months ago — by Fortune

Microsoft 365 Copilot, an AI tool integrated into Office applications, was found to have a critical security flaw called EchoLeak that allows zero-click attacks, potentially exposing sensitive data. Microsoft has fixed the issue, but the vulnerability highlights broader risks in AI agent design, prompting calls for fundamental system redesigns to improve security. Experts warn that similar vulnerabilities could affect other AI platforms, raising industry-wide concerns about deploying AI agents safely.

business technology ai-security ai-vulnerability echoleak microsoft-copilot security-flaw technology