Microsoft Copilot flaw raises urgent questions for any business deploying AI agents - Fortune

A critical "EchoLeak" zero-click vulnerability in Microsoft 365 Copilot allowed attackers to remotely exfiltrate sensitive internal data by sending emails containing hidden instructions. This flaw represents an LLM scope violation where the AI agent was tricked into accessing information beyond its intended permissions without user interaction.