Bottom line: A critical vulnerability in Microsoft 365 Copilot allows attackers to compromise systems through a simple link click, without employing classical phishing or password theft techniques.
Security researchers from Varonis have discovered a critical vulnerability in Microsoft 365 Copilot that enables complete system compromise through a single click on a link. For CISOs, this is relevant because established security mechanisms such as phishing protection and password strategies are bypassed.
The vulnerability, named SearchLeak, was identified by security researchers at Varonis and affects Microsoft 365 Copilot. It enables attackers to fully compromise a system through a single click on what appears to be a trustworthy link.
The attack mechanism is particularly critical: it requires neither a spoofed login page nor phishing tactics to solicit passwords. This means that conventional security measures against social engineering attacks do not adequately cover the threat.
For CISOs, this vulnerability has significant implications for the risk landscape. Since Microsoft 365 Copilot plays a central role in many enterprise environments, security managers must assume that their users are directly exposed to link-based attacks that conventional phishing detection is poorly equipped to catch. The organization's Copilot deployment should be reviewed and, if necessary, restricted until patches or mitigations are available.
Source: borncity.com · Published 16 June 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.