First-ever zero-click attack targets Microsoft 365 Copilot

Thursday, 12 June 2025 (3 days ago)
Imagine an attack so stealthy it requires no clicks, no downloads, no warning – just an email sitting in your inbox. This is EchoLeak, a critical vulnerability in Microsoft 365 Copilot that lets hackers steal sensitive corporate data without a single action from the victim.

Discovered by Aim Security, it’s the first documented zero-click attack on an AI agent, exposing the invisible risks lurking in the AI tools we use every day.

👓 View full article

0 shares	Share Tweet Save Post Send

First-ever zero-click attack targets Microsoft 365 Copilot

You Might Like