URL has been copied successfully!
One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes


Tags: , , , , , ,

A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterprise Search.Researchers at Varonis Threat Labs chained three bugs into a one-click exfiltration path they call SearchLeak. Because the link pointed to a real microsoft.com domain, traditional anti-phishing and URL filtering tools were

First seen on thehackernews.com

Jump to article: thehackernews.com/2026/06/one-click-microsoft-365-copilot-flaw.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. The 2024 cyberwar playbook: Tricks used by nation-state actors
  2. The 2024 cyberwar playbook: Tricks used by nation-state actors
  3. Russian APT28 compromised Western logistics and IT firms to track aid to Ukraine
  4. Cybersecurity Snapshot: New Standard for AI System Security Published, While Study Finds Cyber Teams Boost Value of Business Projects