A now patched flaw in Microsoft 365 Copilot let attackers turn its diagram tool, Mermaid, into a data exfiltration channel–fetching and encoding emails through hidden instructions in Office documents.

Security researchers Aim Labs discovered an LLM Scope Violation flaw in Microsoft 365 Copilot The critical-severity bug allows threat actors to exfiltrate sensitive corporate data by sending an email ...

A new one-click attack flow discovered by Varonis Threat Labs researchers underscores this fact. ‘Reprompt,’ as they’ve ...

Microsoft Corp. has developed a series of large language models that can rival algorithms from OpenAI and Anthropic PBC, multiple publications reported today. Sources told Bloomberg that the LLM ...

Microsoft 365 Copilot, the AI tool built into Microsoft Office workplace applications including Word, Excel, Outlook, PowerPoint, and Teams, harbored a critical security flaw that, according to ...

On August 7, 2025 OpenAI launched GPT-5, it did not go as planned. On the same day, Jared Spataro, Chief Marketing Officer at Microsoft, announced that GPT-5 was rolling out to Microsoft 365 Copilot ...

In a world first, researchers from Aim Labs have identified a critical zero-click vulnerability in Microsoft 365 Copilot that can lead to the exfiltration of sensitive corporate data with a simple ...

A new attack dubbed 'EchoLeak' is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from Microsoft 365 Copilot from a user's context without interaction.

articiOver the past few years, AI has gone from limited chatbots to suddenly dominating the news cycle every single day. There are a range of AI chatbots you can access from ChatGPT to Gemini but one ...