Ransomware attack exposes Social Security numbers at major gas station chain

Ransomware attack on Texas gas station chain exposes 377,000 people's Social Security numbers and driver's licenses. Keep ...
SecurityWeek

New ‘Reprompt’ Attack Silently Siphons Microsoft Copilot Data

The Reprompt Copilot attack bypassed the LLMs data leak protections, leading to stealth information exfiltration after the ...

Reprompt attack hijacked Microsoft Copilot sessions for data theft

Researchers identified an attack method dubbed "Reprompt" that could allow attackers to infiltrate a user's Microsoft Copilot session and issue commands to exfiltrate sensitive data.

ShinyHunters claim to be behind SSO-account data theft attacks

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) ...

Why clicking the wrong Copilot link could put your data at risk

Microsoft Copilot security vulnerability allows attackers to steal data through malicious links. Learn how the attack works ...
Cyber Defense Magazine

Defending Against Data Exfiltration and Ransomware Attacks

Abstract "Double-extortion" ransomware attacks not only encrypt systems but also steal sensitive data. Traditional backups ...

The 11 runtime attacks breaking AI security — and how CISOs are stopping them

CrowdStrike's 2025 data shows attackers breach AI systems in 51 seconds. Field CISOs reveal how inference security platforms ...

How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot

Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; ...
Infosecurity Magazine

New Zero-Click Attack Lets ChatGPT User Steal Data

Recently, OpenAI extended ChatGPT’s capabilities with user-oriented new features, such as ‘Connectors,’ which allows the chatbot to easily and quickly connect to popular external systems (e.g. Gmail, ...
The Hacker News

Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites

Researchers found an indirect prompt injection flaw in Google Gemini that bypassed Calendar privacy controls and exposed ...