Microsoft fixes critical Office zero-day security flaw. Update ASAP!

Yesterday was Microsoft’s big “Patch Tuesday,” which unleashed various security updates against 56 new vulnerabilities. This ...
Hosted on MSN

Copilot vulnerability lets attackers tamper with audit logs

Recent reports are warning of a vulnerability in Microsoft Copilot integrations that allows attackers to bypass audit logging, and security experts are freaking out. Security pros quickly pointed out ...
CSOonline

Copilot diagrams could leak corporate emails via indirect prompt injection

A now patched flaw in Microsoft 365 Copilot let attackers turn its diagram tool, Mermaid, into a data exfiltration channel–fetching and encoding emails through hidden instructions in Office documents.