Pulse of Truth

1240 readers

30 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago

MODERATORS

krogoth@infosec.pub

0-Click Microsoft 365 Copilot Vulnerability Let Attackers Exfiltrates Sensitive Data Abusing Teams (cybersecuritynews.com)

submitted 2 weeks ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub

0 comments fedilink hide all child comments

A critical zero-click vulnerability in Microsoft 365 Copilot, dubbed “EchoLeak,” enables attackers to automatically exfiltrate sensitive organizational data without requiring any user interaction. The vulnerability represents a significant breakthrough in AI security research, introducing a new class of attack called “LLM Scope Violation” that could affect other AI-powered applications beyond Microsoft’s platform. The EchoLeak attack […] The post 0-Click Microsoft 365 Copilot Vulnerability Let Attackers Exfiltrates Sensitive Data Abusing Teams appeared first on Cyber Security News.

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here