How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot

Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; Microsoft patched it in January 2026.

CertiK links $63M in Tornado Cash deposits to $282M wallet compromise

The finding adds a new laundering route to the $282 million wallet compromise, highlighting how the attacker is attempting to ...

Why wrench attacks are becoming one of the most violent forms of crypto crimes

Wrench attacks bypass wallets by targeting people. As crypto prices rise and identities leak, physical coercion is becoming ...

How a simple link allowed hackers to bypass Copilot's security guardrails - and what Microsoft did about it

ZDNET's key takeaways Dubbed "Reprompt," the attack used a URL parameter to steal user data.A single click was enough to ...
The Hacker News

⚡ Weekly Recap: Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More

This week’s recap unpacks how evolving exploits, malware frameworks, and cloud missteps are reshaping modern cyber defense ...
SecurityWeek

Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’

ClickFix variant CrashFix relies on a malicious Chrome extension to crash the browser and trick victims into installing the ...
CSO Online

Five Chrome extensions caught hijacking enterprise sessions

Malicious Chrome extensions posing as productivity tools were found stealing session tokens, blocking security controls, and ...