Posted Jun 13, 2025 at 10:51 AM EDT 0 Comments
The vulnerability, called 'EchoLeak,' lets attackers 'automatically exfiltrate sensitive and proprietary information' from Microsoft 365 Copilot without knowledge of the user, according to findings from Aim Labs.
An attacker only needs to send their victim a malicious prompt injection disguised as a normal email, which covertly instructs Copilot to pull sensitive information from a user's account.
Microsoft has since fixed the critical flaw and given it the identifier CVE-2025-32711. It also hasn't been exploited in the wild.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
19 minutes ago
- Yahoo
Consilien Named to the 2025 Channel Partners MSP 501 List
Recognition Highlights Excellence in Cybersecurity, IT Strategy, and Client Centered Growth LOS ANGELES, August 21, 2025--(BUSINESS WIRE)--Consilien, a California-based leader in managed IT, cybersecurity, and compliance services, has been named to the prestigious 2025 Channel Partners MSP 501 list, the IT channel's most comprehensive ranking of managed service providers (MSPs) worldwide. Now in its 18th year, the MSP 501 list recognizes top performing IT providers based on a rigorous, data driven review of business performance, including recurring revenue, profitability, innovation, and client success. Consilien's selection places it among the most trusted and forward thinking service providers in the global MSP community. "This recognition means a great deal to our team and to the clients we support every day," said Eric Kong, CEO of Consilien. "It's not just about growth, it's about building long term value and solving real business challenges in areas like cybersecurity, AI readiness, and regulatory compliance." Consilien has built a reputation for helping small and mid-sized organizations manage growing IT complexity and evolving cyber threats. With a focus on transparency, responsiveness, and strategic planning, the company has earned consistent client trust and long term partnerships. "Technology has changed, and the stakes have never been higher," Kong added. "But this is where our team excels. Behind the scenes, solving problems, staying ahead of threats, and helping clients operate with confidence." As part of the MSP 501 list, Consilien joins a select group of global IT providers recognized for their leadership, resilience, and commitment to innovation. The honor reinforces Consilien's continued investment in secure IT infrastructure, compliance enablement, and forward looking technology solutions. "We're proud of how far we've come, but we're not done," said Kong. "This is motivation to keep improving, keep serving, and keep building the kind of IT partnerships that truly make a difference." For more information about Consilien's services or to explore what it means to work with a top ranked MSP, visit View source version on Contacts Media Contact: Holly Mackhello@ 866.680.3388
Yahoo
19 minutes ago
- Yahoo
Rights group says US authorities using AI to surveil pro-Palestinian protesters
Amnesty International accused US authorities on Wednesday of using Palantir and Babel Street AI tools to surveil immigrants and target non-citizens at pro-Palestinian protests. The rights group said a review of public records shows the software enables mass surveillance to assess and single out foreign nationals. Amnesty International on Wednesday accused US authorities of using artificial intelligence tools from Palantir and Babel Street to monitor immigrants and target non-citizens at demonstrations supporting Palestinians. A review of documents, including Department of Homeland Security public records, showed that software provided by the AI firms enables mass surveillance and assessment of people, often to target those not from the United States, according to Amnesty International. "The US government is deploying invasive AI-powered technologies within a context of a mass deportation agenda and crackdown on pro-Palestine expression, leading to a host of human rights violations," said Erika Guevara-Rosas of the rights group. "This has led to a pattern of unlawful detentions and mass deportations, creating a climate of fear and exacerbating the 'chilling effect' for migrant communities and for international students across schools and campuses." Amnesty research determined the United States is using the AI tools to track migrants, refugees and asylum seekers as part of a "Catch and Revoke" initiative. The State Department initiative involves social media monitoring, visa status tracking, and automated threat assessments of visa holders such as foreign students, according to Amnesty. Read moreMahmoud Khalil sues Trump administration for $20 million over detention "Systems like Babel X and Immigration OS (from Palantir) play a key role in the US administration's ability to carry out its repressive tactics," said Guevara-Rosas. "Unless Palantir and Babel Street can demonstrate they can use their leverage as suppliers to improve the serious human rights consequences borne by the policies of their clients, these companies should immediately cease their work with the US administration related to immigration enforcement." Use of the AI surveillance tools risks fueling US President Donald Trump's capacity to "deport marginalized people on a whim," Amnesty argued. Since being sworn in for a second term in January, Trump has targeted top US universities over claims they are politically biased towards "woke" politics and has charged -- without evidence -- that they have engaged in antisemitic policies. The administration has characterised widespread campus protests and sit-ins in the United States calling for an end to Israel's war in Gaza as being "antisemitic," and moved to expel foreign students and professors who took part in them. Trump has made the question of student protest, particularly by foreign scholars, a flashpoint political issue. (FRANCE 24 with AFP)
Digital Trends
20 minutes ago
- Digital Trends
How to watch Insta360 unveil its not-so-secret next gadget on Thursday
Insta360 is about to take the wraps off its latest gadget, widely expected to be the Go Ultra action camera. The company recently teased a look at the incoming device as part of a video ad for the big unveil, which takes place on Thursday, August 21. You can watch the teaser above. What to expect Insta360 looks set to unveil the Go Ultra action camera as a follow-up to the Go 3S, which launched last year. The new Go Ultra will replace its predecessor's pill-shaped design with a compact, cube design. Rumored to weigh a touch over 50 grams, the Go Ultra is believed to have a new 1/1.28-inch sensor and 4K/60fps video capabilities — double the frame rate of the Go 3S. It'll also come with a flip-up display. The one thing we don't know is when the new Go Ultra camera will be available. All will be revealed tomorrow. Oh, and as part of the launch hype, Insta360 is offering more than $4,000 worth of prizes including the new camera and a Giant road bike — in a one-off contest if you sign up to its mailing list before Thursday. Full details on its website. How to watch Insta360 will unveil its latest action camera at 9 a.m. ET on Thursday, August 21. You can watch the big reveal via the video player at the top of this page, or by heading to its website, which will carry the same footage. Insta360 has been pretty busy of late, last week unveiling the A1, the world's first 360-degree consumer drone. Unveiled under the new Antigravity sub-brand, the 249-gram A1 boasts 8K video, first-person-view goggles, and a Grip controller for single-handed control. Pricing and bundle details have yet to be announced have yet to be announced for the new quadcopter, which will begin shipping globally in January 2026. The company also recently introduced the X5 Satin White Limited Edition, a specially colored version of its X5 360-degree camera.
