The Next Web

A single click on a Microsoft link could have drained your inbox. Here’s how SearchLeak ...

Varonis chained three bugs in Microsoft 365 Copilot Enterprise Search into a one-click data theft path that bypassed phishing filters and CSP protections.
Computing

SearchLeak attack turns Copilot Enterprise into an insider threat

Researchers at security firm Varonis have demonstrated a proof-of-concept attack on Microsoft 365 that uses Copilot Enterprise Search as an unwitting insider to potentially steal ...