Cybersecurity researchers at Check Point have uncovered a critical zero-click vulnerability in Microsoft 365 Copilot, dubbed “EchoLink”, which allows attackers to extract sensitive corporate data without any user interaction.
The exploit, which has since been patched by Microsoft, is described as a potential watershed moment in AI-driven cybercrime, leveraging hidden prompts embedded in everyday business content such as Word documents, calendar entries, and emails.
When Microsoft 365 Copilot processes this seemingly innocuous material, it unknowingly executes the malicious commands.
According to Check Point, the attack is silent and automatic. Users are unaware as Copilot reveals confidential data such as internal reports, meeting summaries, or strategic documents—all without requiring a single click or download.
“This marks the beginning of a new era of cyberattacks, where AI is not just the target, but the tool,” says Hendrik de Bruin, head of SADC Security Consulting, Check Point Software Technologies.
“EchoLink shows how attackers can manipulate large language models in ways that bypass traditional security controls.”
The zero-click nature of the vulnerability has raised alarms across the enterprise sector. Experts warn that such exploits could rapidly evolve, especially as more businesses adopt AI assistants to handle sensitive workflows.
“This isn’t just another flaw – it’s a new class of threat. One that doesn’t require a single click, a download, or any user interaction to trigger. EchoLink is invisible, fast-moving, and capable of silently leaking sensitive enterprise data,” says de Bruin.
For organisations heavily invested in Microsoft’s productivity suite, EchoLink is a serious red flag.
“Many rely on Microsoft’s native security tools or try to patch gaps with multiple point solutions. But this fragmented, layered approach can lead to weak links and blind spots, introducing more risk than protection,” de Bruin says.
Native and Layered Approaches Are No Longer Enough
While the assumption is that Microsoft Defender for Office 365 or other built-in tools provide enough coverage, recent incidents, including EchoLink, reveal that native tools often fall short when facing highly sophisticated AI-powered, multi-vector attacks.
Worse, when companies try to fill these gaps with point solutions, they encounter:
- Delayed detection and response due to lack of integration.
- Management overhead from maintaining different vendors and policies.
- Security gaps created by missed data handoffs between tools.
EchoLink: A Vulnerability Hiding in Plain Sight
The EchoLink vulnerability exposes how Microsoft 365 Copilot, designed to simplify workflows using AI, can be manipulated to leak user data automatically. The vulnerability does not require any user interaction.
Instead, attackers exploit the AI model’s integration points and document handling behavior to extract sensitive corporate information, from meeting summaries to project briefs. This all happens in the background without a user knowing – a true zero-click exploit.
“While Microsoft patched the vulnerability in June 2025, EchoLink shouldn’t be viewed as a one-off vulnerability, but rather a sign of things to come. As AI systems become deeply embedded in everyday tools, they will increasingly be targeted by cyber criminals. And most traditional security approaches are not designed to keep up,” de Bruin says.
“What’s needed instead is an end-to-end solution with visibility, control, and prevention baked into one platform. With Check Point’s Harmony Email & Collaboration, for example, organisations can move beyond reactive, fragmented defenses and adopt a proactive, unified strategy that adapts as threats evolve,” he adds.
Harmony Email & Collaboration Delivers Unified Protection Against Emerging AI Threats
Check Point’s Harmony Email & Collaboration delivers real-time prevention against phishing, malware, zero-click exploits, and data leaks, including vulnerabilities like EchoLink.
Harmony Email & Collaboration is designed to protect cloud-based communication tools like Microsoft 365, Google Workspace, Teams, and Slack.
Rather than relying on native tools alone or juggling multiple plug-ins, Harmony Email & Collaboration offers a complete, AI-driven security architecture that works across all communication channels.
Key capabilities include:
- Advanced AI and ML-based threat detection to spot malicious prompts, payloads, and behavioral anomalies.
- Zero-click attack prevention, scanning all document interactions, shared file links, and embedded content—before a user ever sees it.
- Context-aware DLP (Data Loss Prevention) to identify and block unauthorised data extraction or exposure.
- Unified dashboard and policy management, delivering full visibility and control from a single pane of glass.
When EchoLink-like attacks strike, speed and clarity are everything. Harmony not only prevents threats in real-time, it empowers IT and security teams to act fast and decisively.
GigaOm Names Check Point a Leader in Anti-Phishing for 2025
Harmony Email & Collaboration was recognised as both a Leader and Outperformer in the 2025 GigaOm Radar for Anti-Phishing report. The report highlighted Harmony Email & Collaboration’s advanced threat detection, AI-powered prevention capabilities, and seamless integration across collaboration platforms.
This recognition underscores Harmony Email & Collaboration’s ability to go beyond traditional email filters and sandboxing, offering next-gen protection that’s purpose-built for the modern, AI-enabled attack surface.
A Wake-Up Call for Cyber Security Leaders
“EchoLink is not just another vulnerability – it’s the canary in the coal mine. It shows how AI is reshaping the threat landscape, creating new exploit paths and exposing enterprises to novel forms of data leakage and manipulation. Cyber leaders should heed this important warning and take the steps necessary to fully protect their organisations,” de Bruin says.
“AI-driven attacks are not hypothetical or theoretical. They’re happening now. And as digital transformation accelerates, the surface area for these attacks only grows,” he concludes.