cybersecurity

SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weapon

Source: cloudsecurityalliance.org 1 min read

Share

SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weapon

You are reading a summary. The full content is hosted on cloudsecurityalliance.org.

Varonis Threat Labs discovered SearchLeak, a critical vulnerability chain in Microsoft 365 Copilot Enterprise that allows an attacker to steal sensitive data — MFA codes, email messages, meeting details, and private organizational files — with a single click. Varonis Threat Labs has uncovered a new three-stage vulnerability chain that turns Microsoft 365 Copilot Enterprise Search into a silent data exfiltration weapon. Dubbed SearchLeak, the chain combines a relatively new class ...

Read the full article on the original website

External link to cloudsecurityalliance.org

Related Articles