Skip to content
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

A novel attack technique named EchoLeak has been characterized as a “zero-click” artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 Copilot’s context sans any user interaction. The critical-rated… 

ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Jun 12, 2025Ravie LakshmananVulnerability / Software Security ConnectWise has disclosed that it’s planning to rotate the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise remote monitoring and management (RMM) executables due… 

Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool

Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool

Jun 12, 2025Ravie LakshmananEnterprise Security / Active Directory Cybersecurity researchers have uncovered a new account takeover (ATO) campaign that leverages an open-source penetration testing framework called TeamFiltration to breach Microsoft Entra ID (formerly Azure Active…