Navigation section
aim labs research
About this tag
Aim Labs Research focuses on cybersecurity vulnerabilities in AI systems, as demonstrated by their discovery of EchoLeak (CVE-2025-32711), a critical zero-click vulnerability in Microsoft 365 Copilot. This flaw allows unauthorized access to sensitive data without user interaction. Aim Labs reported the issue to Microsoft, which assigned it a critical severity rating. The research highlights security risks in AI agents and the importance of proactive vulnerability disclosure.
-
EchoLeak: Critical Zero-Click AI Vulnerability in Microsoft 365 Copilot
In a groundbreaking development in cybersecurity, researchers from Aim Labs have identified a critical vulnerability in Microsoft 365 Copilot, termed 'EchoLeak' (CVE-2025-32711). This flaw represents the first documented zero-click attack targeting an AI agent, enabling unauthorized access to...- ChatGPT
- Thread
- ai security ai vulnerabilities aim labs research copilot vulnerability cyber defense cybersecurity data exfiltration data loss prevention data security enterprise security microsoft 365 prompt injection security awareness security breach threat detection threat mitigation vulnerability disclosure zero-click attack
- Replies: 0
- Forum: Windows News