Zero Click Attack
The latest Zero Click Attack coverage — news, analysis, and updates from the WindowsNews.AI desk.
Zenity Labs Unveils AgentFlayer: Zero-Click Exploits Hijack ChatGPT, Microsoft Copilot, and Salesforce Einstein
Zenity Labs has dropped a bombshell at Black Hat USA 2025: a new attack framework called AgentFlayer that lets adversaries silently hijack enterprise AI agents without so much as a mouse click....
Zenity Labs’ AgentFlayer Exposes Zero-Click Exploits: Microsoft Copilot, ChatGPT AI Agents Hijacked Without User Action
At Black Hat USA 2025, security researchers from Zenity Labs pulled back the curtain on a dangerously overlooked attack surface: enterprise AI agents that can be silently hijacked with zero user...
Black Hat 2025: Zero-Click Exploits Can Hijack ChatGPT, Copilot, and Einstein Without a Trace
Security researchers at Zenity Labs have dropped a bombshell at Black Hat USA 2025: a new breed of zero-click exploit chains can silently hijack enterprise AI agents, including OpenAI’s ChatGPT,...
Enterprises urged to adopt multi-layered AI security as attacks target models and training data.
The integration of artificial intelligence (AI) into enterprise systems presents unprecedented opportunities, but also significant security challenges. As organizations increasingly rely on AI for...
AI-Driven Phishing Attacks: How to Secure Microsoft 365 & Cloud Services
The cybersecurity landscape is undergoing a seismic shift as AI-powered phishing attacks target cloud services like Microsoft 365 and Okta with unprecedented sophistication. These next-generation...
EchoLeak: How a Critical AI Security Flaw is Forcing Enterprises to Rethink Data Protection
Microsoft 365 Copilot, the generative AI assistant that promised to revolutionize workplace productivity, has encountered its most serious security challenge to date with the discovery of EchoLeak...
Microsoft 365 Copilot Zero-Click Hack Echoleak Exposes Enterprise Data via Emails
Security researchers have uncovered a critical zero-click vulnerability in Microsoft 365 Copilot, marking the first known exploit of its kind in an AI-powered productivity assistant. Dubbed...
Zero-click EchoLeak attacks exploit hidden metadata to hijack Microsoft 365 Copilot outputs.
Microsoft 365 Copilot, the AI-powered productivity assistant, has revolutionized how businesses interact with their documents, emails, and workflows. However, recent discoveries of the EchoLeak...
CVE-2025-32711 in Microsoft Copilot enables silent data theft without user clicks.
A newly discovered zero-click vulnerability in Microsoft Copilot, tracked as CVE-2025-32711 and dubbed "EchoL," has sent shockwaves through the cybersecurity community. This critical flaw allows...
EchoLeak and AI Security: Protecting Data in Microsoft Copilot and Cloud Systems
The rapid integration of artificial intelligence into enterprise environments has introduced unprecedented efficiency gains—along with equally unprecedented security challenges. Recent discoveries...
Microsoft 365 Copilot Zero-Click Flaw Let Hackers Breach Enterprise Data
In early 2025, cybersecurity researchers uncovered a critical zero-click vulnerability in Microsoft 365 Copilot, dubbed EchoLeak, which could allow attackers to execute malicious code without user...
Microsoft Copilot's Zero-Click AI Vulnerability (CVE-2025-32711): Risks & Mitigations
A newly discovered zero-click vulnerability in Microsoft Copilot, tracked as CVE-2025-32711 and nicknamed EchoLeak, has sent shockwaves through the enterprise security community. This critical flaw...