In a groundbreaking discovery, cybersecurity researchers have identified the first known zero-click vulnerability in a large language model. Tracked as CVE-2025-32711, the flaw was found in Microsoft's 365 Copilot, a generative AI tool integrated into the Microsoft Office suite.
Unlike traditional cyberattacks that require users to click on malicious links or attachments, zero-click attacks can execute without any user interaction. In this case, the vulnerability was triggered by an email that appeared entirely legitimate but contained a hidden prompt injection. Once received, the malicious prompt exploited the AI system, causing it to extract sensitive organizational data and transmit it to servers controlled by threat actors — all without the victim even opening or interacting with the message.
Microsoft has acted swiftly, patching the issue on the server side, and at this time, there is no evidence that the vulnerability was exploited in the wild. The discovery raises critical concerns about the security implications of integrating generative AI tools in enterprise environments, especially as these systems gain deeper access to internal data.
The full report was published by BleepingComputer, a trusted source for cybersecurity news and threat intelligence.
As AI continues to evolve and become an essential part of modern workflows, this incident serves as a timely reminder of the importance of proactive security research and the need for robust safeguards around AI-driven technologies.
