July 15, 2025 // Data Leak | #CVE-2025-32711 #Prompt Injection #Microsoft 365 Copilot

Preventing Zero-Click AI Threats: Insights from EchoLeak - www.trendmicro.com

EchoLeak (CVE-2025-32711) is a zero-click AI vulnerability that exploits Microsoft 365 Copilot's retrieval-augmented generation (RAG) capabilities. It leverages invisible prompt injections embedded in contextual data to silently exfiltrate sensitive information without user interaction.

Source: Original Report ↗
← Back to Feed