Microsoft fixes first known zero-click attack on an AI agent

EchoLeak affected Microsoft 365 Copilot, the AI assistant integrated across several Office applications, including Word, Excel, Outlook, PowerPoint, and Teams. According to researchers at Aim Security, who discovered the vulnerability, the exploit allowed attackers to access sensitive information from apps and data sources connected to Copilot without any user interaction.

Read Entire Article