Varonis Threat Labs on June 15 disclosed SearchLeak, an attack that chains three vulnerabilities in Microsoft 365 Copilot Enterprise Search so that a single click on a trusted microsoft.com link can siphon a victim's emails, calendar data, files and one-time codes. Microsoft rated it CVE-2026-42824 as Critical (maximum severity) and has already deployed a server-side fix.
Continue reading
The rest of this article is for AI News Blitz readers. Choose an option below to keep reading.
Already purchased? Sign in✓ Signed in — this article isn’t included in your current plan.