Microsoft Copilot reprompt exploit allowed attackers to steal your AI data

Varonis Threat Labs has published a report detailing a now patched security exploit discovered in Copilot that let attackers ...

A single click mounted a covert, multistage attack against Copilot

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data ...
Forbes

Emergency Microsoft Security Warning Confirmed — Act Now, CISA Says

Update, August 10, 2025: This story, originally published on August 7, has been updated with additional information following a demonstration of the shared service principal exploit at the Black Hat ...
Dark Reading

Phishers Exploit Office 365 Users Who Let Their Guard Down

Microsoft said that Office 365 tenants with weak configurations and who don't have strict anti-spoofing protection enabled ...
Forbes

Microsoft Emergency Server Update Not Enough To Stop Attacks

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Every security team’s nightmare came true over the weekend: a ...
Ars Technica

Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them.

Researchers have unearthed two publicly available exploits that completely evade protections offered by Secure Boot, the industry-wide mechanism for ensuring devices load only secure operating system ...
Microsoft

Phishing actors exploit complex routing and misconfigurations to spoof domains

Threat actors are exploiting complex routing scenarios and misconfigured spoof protections to send spoofed phishing emails, ...
Dark Reading

Microsoft Patches 137 CVEs in July, but No Zero-Days

In a break from recent months, Microsoft's security update for July contains no zero-day bugs. But with 137 newly disclosed vulnerabilities, including one that has been publicly disclosed already, it ...