Live
Critical Vulnerabilities in Schneider Electric's EVLink WallBox Pose Serious Security Risks·MSFT +0.1%Critical Vulnerabilities in Delta CNCSoft Expose Urgent Security Risks in Industrial Automation·NVDA +3.0%Siemens Mendix Studio Pro CVE-2025-40592 Path Traversal Vulnerability: What You Need to Know·GOOGL +1.2%CVE-2025-5310: Unpatched Fuel System Flaw Exposes 150,000+ Sites to Remote Takeover·AMZN +2.9%Microsoft Secure Boot Vulnerability CVE-2024-28923: What You Need to Know·MSFT +0.1%Aim Labs finds zero-click EchoLeak flaw steals data via Microsoft 365 Copilot·NVDA +3.0%CVE-2025-32454 in Siemens Tecnomatix Plant Simulation demands urgent patching to prevent production disruptions.·GOOGL +1.2%EchoLeak Zero-Click Flaw in Microsoft 365 Copilot Exposes Sensitive Data·AMZN +2.9%Critical Vulnerabilities in Schneider Electric's EVLink WallBox Pose Serious Security Risks·MSFT +0.1%Critical Vulnerabilities in Delta CNCSoft Expose Urgent Security Risks in Industrial Automation·NVDA +3.0%Siemens Mendix Studio Pro CVE-2025-40592 Path Traversal Vulnerability: What You Need to Know·GOOGL +1.2%CVE-2025-5310: Unpatched Fuel System Flaw Exposes 150,000+ Sites to Remote Takeover·AMZN +2.9%Microsoft Secure Boot Vulnerability CVE-2024-28923: What You Need to Know·MSFT +0.1%Aim Labs finds zero-click EchoLeak flaw steals data via Microsoft 365 Copilot·NVDA +3.0%CVE-2025-32454 in Siemens Tecnomatix Plant Simulation demands urgent patching to prevent production disruptions.·GOOGL +1.2%EchoLeak Zero-Click Flaw in Microsoft 365 Copilot Exposes Sensitive Data·AMZN +2.9%

Vulnerability Disclosure

The latest Vulnerability Disclosure coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 12:39 AM
Latest Most Read Breaking
Sort
Command Injection · Critical Infrastructure

Critical Vulnerabilities in Schneider Electric's EVLink WallBox Pose Serious Security Risks

Critical Vulnerabilities in Schneider Electric's EVLink WallBox Pose Serious Security Risks Multiple critical security flaws have been identified in all versions of the Schneider Electric EVLink...

Advertisement
Cve-2024-28923 · Cyber Threats

Microsoft Secure Boot Vulnerability CVE-2024-28923: What You Need to Know

Microsoft's Secure Boot feature, a critical component of Windows security, has come under scrutiny with the disclosure of CVE-2024-28923. This vulnerability, classified as a "Secure Boot Security...

SE Security Desk·57w ago
Ai Security · Ai Vulnerabilities

Aim Labs finds zero-click EchoLeak flaw steals data via Microsoft 365 Copilot

A newly discovered vulnerability in Microsoft 365 Copilot, dubbed EchoLeak, has sent shockwaves through the cybersecurity community. Researchers from Aim Labs uncovered this zero-click attack vector,...

AI AI & Copilot Desk·57w ago
Automation · Critical Infrastructure

CVE-2025-32454 in Siemens Tecnomatix Plant Simulation demands urgent patching to prevent production disruptions.

Siemens Tecnomatix Plant Simulation has become a cornerstone of modern digital manufacturing, enabling organizations to create precise digital twins of their production environments. This powerful...

SE Security Desk·57w ago
Ai Security · Ai Threat Landscape

EchoLeak Zero-Click Flaw in Microsoft 365 Copilot Exposes Sensitive Data

In January 2025, security researchers at Aim Labs uncovered a critical zero-click vulnerability in Microsoft 365 Copilot AI, designated as CVE-2025-3271 and dubbed "EchoLeak." This flaw allowed...

AI AI & Copilot Desk·57w ago
Ai Security · Ai Threat Landscape

EchoLeak Zero-Click Flaw Lets Hackers Steal Data via Microsoft 365 Copilot

The emergence of artificial intelligence in the workplace has revolutionized the way organizations handle productivity, collaboration, and data management. Microsoft 365 Copilot—Microsoft’s...

AI AI & Copilot Desk·57w ago
Ai Governance · Ai Risks

Zero-click EchoLeak flaw in Copilot allows data theft via poisoned prompts

A newly discovered vulnerability in Microsoft Copilot, dubbed EchoLeak (CVE-2025-32711), has exposed a critical flaw in AI-powered productivity tools, allowing attackers to exfiltrate sensitive data...

AI AI & Copilot Desk·57w ago
Cve-2025-33067 · Cyber Threats

Critical Windows Task Scheduler Flaw CVE-2025-33067: Risks, Mitigation, and Best Practices

A newly discovered vulnerability in the Windows Task Scheduler, designated as CVE-2025-33067, has sent shockwaves through the cybersecurity community, exposing millions of Windows devices to...

SE Security Desk·57w ago
Cve-2025-33067 · Cybersecurity

Microsoft patches critical Task Scheduler flaw allowing SYSTEM-level privilege escalation

In early June, cybersecurity professionals and IT administrators were confronted with a newly disclosed vulnerability in a core component of the Windows operating system that has raised significant...

SE Security Desk·57w ago