SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weapon
Share
You are reading a summary. The full content is hosted on cloudsecurityalliance.org.
Varonis Threat Labs discovered SearchLeak, a critical vulnerability chain in Microsoft 365 Copilot Enterprise that allows an attacker to steal sensitive data — MFA codes, email messages, meeting details, and private organizational files — with a single click. Varonis Threat Labs has uncovered a new three-stage vulnerability chain that turns Microsoft 365 Copilot Enterprise Search into a silent data exfiltration weapon. Dubbed SearchLeak, the chain combines a relatively new class ...
External link to cloudsecurityalliance.org
Related Articles
cybersecurity
JadePuffer ransomware used AI agent to automate entire attack
cybersecurity
U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case
cybersecurity
