Loading…
Loading…
Written by Max Zeshut
Founder at Agentmelt · Last updated Jul 8, 2026
A June 2025 zero-click indirect prompt injection vulnerability in Microsoft 365 Copilot disclosed by Aim Security, scored CVSS 9.3. An attacker could send an email containing hidden instructions; when a user asked Copilot to summarize their inbox, the assistant consumed the email, followed the hidden instructions, and exfiltrated sensitive tenant data—without the user clicking anything. EchoLeak was the first widely-covered 'zero-click' LLM attack and became the canonical example of why indirect prompt injection is treated as a top-tier enterprise risk in 2026 threat models.