Copilot’s Zero-Click Vulnerability

Wednesday, June 18, 2025 12 p.m. ET | 5 p.m. BST Matt Radolec, David Gibson

Microsoft just disclosed the first known “zero-click” vulnerability on an AI agent, a recently patched flaw that had the ability to extract sensitive data from Copilot with a single email – no phishing nor action from the victim required.

This new attack, called EchoLeak, has sent shockwaves across the security industry, raising questions on how to combat the evolving risks within integrated AI solutions.

Join Matt and David on June 18 for a State of Cybercrime that deep dives into EchoLeak, reviews additional AI vulnerabilities, and covers ongoing ransomware attacks.

Email*

First name*

Last name*

Company name*

Company size*

Country*

ISC² member number (if you would like to receive CPE credit)

Your seat is saved!

You’ll receive a confirmation email from Zoom shortly. Contact us if you do not receive it within 24 hours.

Add to calendar (.ics)

About the series

In today's digital landscape, no industry is safe from cybercrime. Hackers continue to exploit vulnerabilities across sectors, leading to highly destructive breaches.

Our State of Cybercrime series sheds light on the latest high-profile attacks while providing actionable insights across every industry.

This episode's segments include...

Is there any good news?
AI Vey — because we can't not talk about AI
The latest Vulnerable Vulnerabilities
The highway to the Danger Zone
Live Q&A

Show hosts:

Matt Radolec

Senior Director, Incident Response and Cloud Operations, Varonis

David Gibson

Senior VP of Strategic Programs, Varonis

State of Cybercrime

Copilot’s Zero-Click Vulnerability

Your seat is saved!

About the series

This episode's segments include...

Show hosts:

ABOUT STATE OF CYBERCRIME

TRY VARONIS FOR FREE.