Microsoft Copilot reprompt exploit allowed attackers to steal your AI data

Varonis Threat Labs has published a report detailing a now patched security exploit discovered in Copilot that let attackers ...
The Hacker News

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware ...

Copilot Exploit Bypasses Safeguards And Steals Data Even After You Close The Chat

Reprompt is a Copilot exploit, that can use multi-stage prompts to steal user data, but thankfully it's already been patches.
Krebs on Security

Patch Tuesday, January 2026 Edition

Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported ...
VentureBeat

Shrink exploit windows, slash MTTP: Why ring deployment is now a must for enterprise defense

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Unpatched systems are a ticking time bomb.
HotHardware

Windows Admins Are Urged To Patch This TCP/IP Zero Click Security Exploit

This one's important, so let's get right to it: a new security flaw in all versions of Windows opens the door for a wormable remote code execution vulnerability. That means it can be exploited by an ...
Forbes

New Windows Warning As Zero-Day With No Official Fix Confirmed For All Users

Update, Dec. 07, 2024: This story, originally published Dec. 06 now includes a statement from Microsoft about the new Windows zero-day vulnerability and further information about the 0patch ...
Reuters

Hackers will exploit Windows kernel bug, researchers say

Hackers will quickly jump on one of the 15 vulnerabilities Microsoft patched Tuesday to build attack code that infects Internet Explorer users, security researchers agreed today. The bug, which ...
Dark Reading

Nation-State Groups Abuse Microsoft Windows Shortcut Exploit

State-sponsored APTs from North Korea, Iran, Russia, and China are targeting victims using a Windows shortcut file exploit, according to new research from Trend Micro’s Zero Day Initiative (ZDI). In ...
Bleeping Computer

North Korean hackers exploit Chrome zero-day to deploy rootkit

North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit. "We assess ...
InfoWorld

Windows exploit leaked — by Microsoft?

Proof-of-concept exploit created by Microsoft has apparently leaked to the Internet. Possible sources of the leak: Microsoft security partners or an employee An attack exploiting a recently patched ...
InfoWorld

Criminals spread Windows exploit via Web host

Attackers exploited the zero-day VML vulnerability on Windows-based machines by targeting a separate hole in cpanel, an application that’s popular with Web hosting services. The attack, which lasted ...