Techly NewsGet the app

Get the latest tech news

EchoLeak – 0-Click AI Vulnerability Enabling Data Exfiltration from 365 Copilot


The first weaponizable zero-click attack chain on an AI agent, resulting in the complete compromise of Copilot data integrity

The chains allow attackers to automatically exfiltrate sensitive and proprietary information from M365 Copilot context, without the user's awareness, or relying on any specific victim behavior. Long story short, SharePoint Online (SPO) no longer allows developers to include server-side code into sites or pages and/or pass on query string parameters to underlying PowerAutomate apps. For this weaponization process, several app guardrails that are considered best practices were bypassed - XPIA (cross prompt injection attack) classifiers, external link redaction, Content-Security-Policy, and M365 Copilot’s reference mentions.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Copilot

Copilot

Photo of ai vulnerability

ai vulnerability

Related news:

News photo

Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot

News photo

Tracking Copilot vs. Codex vs. Cursor vs. Devin PR Performance

News photo

GitHub Users Angry at the Prospect of AI-Written Issues From Copilot

« Hollywood studios target AI image generator in copyright lawsuit
“Cyborg Embryos” Give Insights on Frog, Mouse Brains »