| ▲ | kenjackson 3 days ago | |
What CISA report? | ||
| ▲ | aspenmayer 3 days ago | parent | next [-] | |
I’m guessing they mean this one: https://www.cisa.gov/news-events/bulletins/sb25-167 > Microsoft--Microsoft 365 Copilot > Description Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. > Published 2025-06-11 > CVSS Score 9.3 > Source Info CVE-2025-32711 https://www.cve.org/CVERecord?id=CVE-2025-32711 And maybe they are referring to this engineer from the linked advisory notes? https://msrc.microsoft.com/update-guide/vulnerability/CVE-20... > Acknowledgements > Arantes (@es7evam on X) with Microsoft Aim Labs (Part of Aim Security) | ||
| ▲ | stogot 3 days ago | parent | prev | next [-] | |
This one: https://www.cisa.gov/sites/default/files/2025-03/CSRBReviewO... | ||
| ▲ | NemosDemos 3 days ago | parent | prev | next [-] | |
Not OP, but guessing they were referencing this one: https://www.cisa.gov/resources-tools/resources/CSRB-Review-S... | ||
| ▲ | homarp 3 days ago | parent | prev [-] | |