Copilot Exploit Bypasses Safeguards And Steals Data Even After You Close The Chat

Reprompt is a Copilot exploit, that can use multi-stage prompts to steal user data, but thankfully it's already been patches.
The Hacker News

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware ...

Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm

A couple of other interesting bugs that Childs points out are these two, CVE-2026-20952 (CVSS 7.7) and CVE-2026-20953 (CVSS 7 ...
Krebs on Security

Patch Tuesday, January 2026 Edition

Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported ...
The Hacker News

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

Microsoft’s January 2026 Patch Tuesday fixes 114 Windows flaws, including an actively exploited Desktop Window Manager bug ...
SecurityWeek

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

Analysis of a recent attack targeting VMware ESXi vulnerabilities from March 2025 revealed an exploit developed a year before ...

Microsoft Copilot reprompt exploit allowed attackers to steal your AI data

Varonis Threat Labs has published a report detailing a now patched security exploit discovered in Copilot that let attackers ...

5 Free Tools To Keep Your Windows 10 PC Secure Without Further Microsoft Support

Windows 10 is no longer going to receive free security updates in the future, but that doesn't mean you have to update to ...
SecurityWeek

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities

Eight Windows and Office vulnerabilities patched this month have been assigned a critical severity rating. A majority can be ...
Microsoft

Phishing actors exploit complex routing and misconfigurations to spoof domains

Threat actors are exploiting complex routing scenarios and misconfigured spoof protections to send spoofed phishing emails, ...
Redmondmag.com

Zero-Day Attack Drives 113-Vulnerability Patch Tuesday Release to Start 2026

Microsoft rang in 2026 with its biggest January Patch Tuesday rollout in four years, shipping fixes for 113 vulnerabilities ...

New China-linked hackers breach telcos using edge device exploits

A sophisticated threat actor that uses Linux-based malware to target telecommunications providers has recently broadened its ...