Copilot, LiteLLM and the AI trust boundary gap


Two AI tools broke in the same way in the same two weeks, and four research teams proved it. The pattern underneath every disclosure is one sentence: enterprise AI accepts external input with no trust boundary.

On June 15, Varonis disclosed SearchLeak (CVE-2026-42824), a proof-of-concept exfiltration chain in Microsoft 365 Copilot Enterprise Search. The victim clicks a crafted microsoft.com URL, Copilot searches their mailbox on the attacker's behalf, and the results leave the tenant through a server-side request forgery (SSRF) via Bing. No plugins, no second click, no visible indicator: the one click on a trusted domain is the entire user interaction. Four days earlier, Obsidian Security published a three-CVE chain against LiteLLM that carried a default low-privilege user all the way to admin and remote code execution. Two tools. Two teams. One broken boundary.

The five-check audit at the end of this article maps each gap to a CVE or a market signal from June, a command you can run before lunch, and a sentence a CISO can read to...

Copyright of this story solely belongs to venturebeat.com, where the full text is available.