A single click mounted a covert, multistage attack against Copilot

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data ...

Microsoft's Latest Patch Tuesday Fixes 114 Vulnerabilities

Microsoft's Patch Tuesday update for January addresses 114 vulnerabilities in total, including three zero-days.

Reprompt attack let hackers hijack Microsoft Copilot sessions

Researchers identified an attack method dubbed "Reprompt" that could allow attackers to infiltrate a user's Microsoft Copilot ...
Dark Reading

Shadow#Reactor Uses Text Files to Deliver Remcos RAT

Attackers use a sophisticated delivery mechanism for RAT deployment, a clever way to bypass defensive tools and rely on the ...

Your Copilot data can be hijacked with a single click - here's how

Attackers could pull sensitive Copilot data, even after the window closed. Researchers have revealed a new attack that requires only one click to execute, bypassing Microsoft Copilot security controls ...

ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...