A single click mounted a covert, multistage attack against Copilot

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data ...

ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...

Microsoft Copilot reprompt exploit allowed attackers to steal your AI data

Varonis Threat Labs has published a report detailing a now patched security exploit discovered in Copilot that let attackers ...
Dark Reading

Attackers Abuse Python, Cloudflare to Deliver AsyncRAT

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...