Microsoft discovers new lightweight backdoor that steals cryptocurrency

Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

With Just 1 Click, Researchers Figured Out How to Hijack Microsoft Copilot to Steal Your Data

A recent Microsoft Copilot exploit demonstrates how AI can make existing cybersecurity bugs even more virulent.

Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...

SeerDEX Launches Binary Options on Solana Backed by a Buyback-Funded Token

The native token, $SEERX, is an ERC-20 on Ethereum and is bridgeable to Solana. Buyers can pay with ETH, BNB, or card. ETH ...

SpaceX to acquire the AI coding startup Cursor for $60 billion

The deal will help to bolster the company's efforts to compete with rivals like Anthropic and OpenAI, which also offer ...

Paint and Seek codes (June 2026)

Bag some free coins when you redeem these new Paint and Seek codes in one of the most creative takes on Roblox's murder ...
The Hacker News

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

Microsoft fixed a critical Copilot Enterprise Search flaw that could expose emails, calendars, and indexed files through one ...

This Copilot vulnerability could expose emails, 2FA codes, and other sensitive data

This sneaky attack tricks Microsoft's AI assistant to hand over your data.
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
The Next Web

A single click on a Microsoft link could have drained your inbox. Here’s how SearchLeak worked.

Varonis chained three bugs in Microsoft 365 Copilot Enterprise Search into a one-click data theft path that bypassed phishing filters and CSP protections.