Varonis Threat Labs reported a vulnerability chain dubbed "SearchLeak" (CVE-2026-42824) in Microsoft 365 Copilot Enterprise Search that could let attackers steal corporate secrets by tricking a victim into a single click on a malicious URL. Microsoft fixed the issue server-side in early June 2026, and no real-world exploitation has been observed.
Continue reading
The rest of this article is for AI News Blitz readers. Choose an option below to keep reading.
Already purchased? Sign in✓ Signed in — this article isn’t included in your current plan.