Exploit for Out-of-bounds Write in Apple Ipados

CVE-2025-43300: iOS/macOS DNG Image Processing Memory Corrupti...

Exploit for Out-of-bounds Write in Apple Ipados

CVE-2025-43300: iOS/macOS DNG Image Processing Memory Corrupti...

EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data

Aim Labs uncovers EchoLeak, a zero-click AI flaw in Microsoft 365 Copilot that allows data theft via email. Learn how this vulnerability enables sensitive information exfiltration without user interaction and its implications for AI security...

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

A novel attack technique named EchoLeak has been characterized as a "zero-click" artificial intelligence AI vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 M365 Copilot's context sans any user interaction. The critical-rated vulnerability has been assigned the...

PT-2025-25295 · Undefined · Undefined

EchoLeak: First-Ever Zero-Click Vulnerability, CVE-2025-3271, Discovered by Aim Labs in Microsoft 365 Copilot AI, Allowed Attackers Steal Sensitive Data Silently, Now Fixed EchoLeak Hackers Microsoft Copilot CopilotAgent MIcrosoft365 @Microsoft @Copilot...

CVE-2021-38745

Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which allows attackers to execute arbitrary code via a crafted plugin. This vulnerability is triggered through user interaction with the attacker's profile page...

Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

CVE-2024-38063 - Windows TCP/IP Remote Code Execution Vulnerab...

GitLab warns zero-click vulnerability could lead to account takeovers

GitLab has issued a warning about a critical vulnerability in GitLab Community Edition CE and Enterprise Edition EE. GitLab is an online DevOps platform that allows developers to collaborate on creating software. Organizations have a choice to install GitLab on their own servers or under GitLab’s...

Apple Rushes Out Patches for 0-Days in MacOS, iOS

Apple rushed out patches for two zero-days affecting macOS and iOS Thursday, both of which are likely under active exploitation and could allow a threat actor to disrupt or access kernel activity. Apple released separate security updates for the bugs – a vulnerability affecting both macOS and iOS...

Exploit for Insecure Storage of Sensitive Information in Microsoft

CVE-2020-1493 This vulnerability occurs in Outlook 2019 16.0...

Exploit for CVE-2020-1349

CVE-2020-1349 This vulnerability occurs in Outlook 2019 16.0...