Microsoft 365 Copilot has been found vulnerable to a critical one-click data exfiltration attack chain dubbed “SearchLeak,” exposing sensitive enterprise data through a combination of AI-specific and traditional web vulnerabilities. Discovered by Varonis Threat Labs, the flaw, tracked as CVE-2026-42824 and rated critical, demonstrates how modern AI integrations can unintentionally expand attack surfaces by linking […]

The post Microsoft 365 Copilot Vulnerability Exposes Sensitive Data Through One-Click Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/microsoft-365-copilot-vulnerability-2/