Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple ...

Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data ...

A well-phrased email was all an attacker would have needed to trick Microsoft Copilot into handing over sensitive data, until the operating system giant patched the ...

A new attack dubbed 'EchoLeak' is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive ...

Microsoft has patched the critical 'EchoLeak' vulnerability in Microsoft 365 Copilot, a flaw that allowed attackers to ...

Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user ...

Critical zero-click AI vulnerability EchoLeak exposed sensitive Microsoft 365 Copilot data; Microsoft patched it to prevent ...

Researchers uncover a critical AI flaw in Microsoft 365 Copilot, allowing silent data theft through email without any user ...

Security researchers at Aim Security discovered "EchoLeak", the first known zero-click artificial intelligence (AI) ...

In an era where cloud-based solutions and artificial intelligence are the cornerstones of digital transformation, security vulnerabilities in these platforms ...

“So they turn to the path of least resistance—free, public AI tools that offer no data protection guarantees ... into programs like Teams or 365 Copilot that they already used for other ...

Richard Lawler is a senior editor following news across tech, culture, policy, and entertainment. He joined The Verge in 2021 after several years covering news at Engadget. Analyst is based on the ...