One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal E… | HappeningNow.news
Published Date: June 15, 2026

Cybersecurity · 24 views

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 3…

Source The Hacker News AI Summary Updated 3h 52m ago
Story intelligence Beta
Freshness Fresh Updated 3h 52m ago
Confidence Checking
Coverage Checking
Views 24 Community interest
Read time 1 min ~59 words

AI Summary

A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterprise Search. Researchers at Varonis Threat Labs chained three bugs into a one-click exfiltration path they call SearchLeak. Because the link pointed to a real microsoft.com domain, traditional anti-phishing and URL filtering tools were

Read full article on The Hackernews

AI summaries can be wrong sometimes—always verify important details using the source article.

SUPPORT HAPPENINGNOW · Independent AI News Intelligence
SUPPORTER MESSAGE

Enjoyed this article? Consider supporting HappeningNow to help keep independent AI-powered news analysis moving forward. Your contribution helps cover infrastructure, AI summaries, and continued platform development.

Support HappeningNow
Category Cybersecurity
Outlet The Hackernews
Source The Hacker News
Return to Frontpage