This Copilot vulnerability could expose emails, 2FA codes, and other sensitive data

This sneaky attack tricks Microsoft's AI assistant to hand over your data.

Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...
The Hacker News

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

Microsoft fixed a critical Copilot Enterprise Search flaw that could expose emails, calendars, and indexed files through one ...

Oracle issues out-of-band warning about critical PeopleSoft code injection flaw

Oracle is closing a critical code injection vulnerability in PeopleSoft with an update outside of its usual schedule.

AWS launches new AI security service for code vulnerabilities

CNBC's Kate Rooney reports on new announcements from AWS.
The Hacker News

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Three patched LangGraph flaws could let attackers chain SQL injection and unsafe deserialization for RCE in self-hosted ...

7-Zip: Update closes code smuggling vulnerability

The popular compression program 7-Zip contains a vulnerability that allows the injection of malicious code. An update is ...