SecurityWeek

New ‘Reprompt’ Attack Silently Siphons Microsoft Copilot Data

The Reprompt Copilot attack bypassed the LLMs data leak protections, leading to stealth information exfiltration after the ...

Okta SSO accounts targeted in vishing-based data theft attacks

Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks.

How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot

Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; ...

How this one-click Copilot attack bypassed security controls - and what Microsoft did about it

How this one-click Copilot attack bypassed security controls - and what Microsoft did about it ...
WinBuzzer

From iCloud to Crypto-Platforms: 149 Million Stolen Logins and Passwords Exposed in Unprotected Database

A security researcher has discovered 149 million stolen login credentials in an unprotected database, including 900,000 ...

Fortinet FortiGate devices hit in automated attacks which create rogue accounts and steal firewall data

A recent Fortinet patch may not work as well as expected ...
The Hacker News

Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites

Researchers found an indirect prompt injection flaw in Google Gemini that bypassed Calendar privacy controls and exposed ...
CRN

Oracle Now Says ‘Critical’ Zero-Day Flaw Behind Data Extortion Attacks, Releases Patch

The disclosure follows reports that the cybercriminal group Clop has been extorting a significant number of E-Business Suite customers. Oracle is now linking a widespread data extortion campaign ...
Forbes

Logitech Data Breach — What We Know As 0-Day Hack Attack Confirmed

I have always been a fan of Logitech mice, I mean, who isn’t? But I’m not a fan of reading the words “Logitech International S.A. ("Logitech") recently experienced a cybersecurity incident relating to ...