Everything is prompt injection Text version: https://pivot-to-ai.com/2025/06/15/echoleak-send-an-email-extract-secret-info-from-microsoft-office-365-copilot-ai/

Patreon: https://www.patreon.com/davidgerard Ko-Fi: https://ko-fi.com/A1529D5 Buy me nice things: https://www.amazon.co.uk/hz/wishlist/ls/3Q8VZW46J6DM6 Get an extremely cool Pivot to AI shirt or mug: https://pivot-to-ai.redbubble.com

Source:

Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot https://www.aim.security/lp/aim-labs-echoleak-blogpost

Previously on Pivot to AI:

You can’t feed generative AI on ‘bad’ data then filter it for only ‘good’ data https://pivot-to-ai.com/2025/05/22/you-cant-feed-generative-ai-on-bad-data-then-filter-it-for-only-good-data/ video: https://www.youtube.com/watch?v=GnFozXDgrug&list=UU9rJrMVgcXTfa8xuMnbhAEA

Full Pivot to AI playlist: https://www.youtube.com/playlist?list=UU9rJrMVgcXTfa8xuMnbhAEA