Utopia Tech
Security · AI-assisted · 1 min read

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

Security researchers at Varonis Threat Labs discovered a critical vulnerability chain called SearchLeak that could allow attackers to exfiltrate sensitive data from Microsoft 365 Copilot Enterprise Search through a single click on a legitimate Microsoft domain link. The attack bypassed traditional security controls because it used authentic microsoft.com URLs, making it difficult for anti-phishing

Utopia Tech

June 15, 2026 · 1 min read

A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterprise Search. Researchers at Varonis Threat Labs chained three bugs into a one-click exfiltration path they call SearchLeak. Because the link pointed to a real microsoft.com domain, traditional anti-phishing and URL filtering tools were

Originally published at thehackernews.com
