July 15, 2025 // Vulnerability | #CVE-2025-32711 #Prompt Injection #Zero-Click

Preventing Zero-Click AI Threats: Insights from EchoLeak - TrendMicro

EchoLeak (CVE-2025-32711) is a zero-click AI vulnerability in Microsoft 365 Copilot that exploits invisible prompt injection within contextual data. This allows the AI's retrieval-augmented generation (RAG) engine to silently exfiltrate sensitive enterprise information without any user interaction.

Source: Original Report ↗
← Back to Feed