ainewsblitz.com

Breaking

Microsoft 365 Copilot Hit by 1-Click Data-Theft Flaw 'SearchLeak,' Now Patched

  • Security
  • AI Agents
  • Sales & Business

Varonis Threat Labs on June 15 disclosed SearchLeak, an attack that chains three vulnerabilities in Microsoft 365 Copilot Enterprise Search so that a single click on a trusted microsoft.com link can siphon a victim's emails, calendar data, files and one-time codes. Microsoft rated it CVE-2026-42824 as Critical (maximum severity) and has already deployed a server-side fix.

Continue reading

The rest of this article is for AI News Blitz readers. Choose an option below to keep reading.

$20
Read this article
$29/month
Unlimited — all 5,212 articles, the full archive, and comprehension quizzes
Save 72%
$98/year
≈ $8.17/month
Unlimited, billed once a year