New 'EchoLeak' Attack Discovered in Microsoft 365 Copilot

A new attack named 'EchoLeak' has been discovered, representing the first known zero-click vulnerability in AI, allowing attackers to exfiltrate sensitive data from Microsoft 365 Copilot without user interaction. This flaw exploits the user's context to extract sensitive information.