Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
The Next Web

A single click on a Microsoft link could have drained your inbox. Here’s how SearchLeak worked.

Varonis chained three bugs in Microsoft 365 Copilot Enterprise Search into a one-click data theft path that bypassed phishing filters and CSP protections.

With Just 1 Click, Researchers Figured Out How to Hijack Microsoft Copilot to Steal Your Data

A recent Microsoft Copilot exploit demonstrates how AI can make existing cybersecurity bugs even more virulent.

Google Search Traffic To Open Web Drops To 23%, Data Shows

New data shows most U.S. Google searches end without a click, with a shrinking share of traffic reaching websites outside ...

97% Of LLMS.txt Files Got No Requests, Ahrefs Data Shows

Ahrefs analyzed 137K domains and found 97% of llms.txt files received zero requests. AI retrieval bots accounted for 1% of ...
Tech Xplore on MSN

PhishLumos maps phishing infrastructure and finds 190,000 URLs in six months

Researchers from Tokyo Metropolitan University have created a new paradigm for identifying online phishing campaigns. Their ...

Porn company can sue Meta for torrenting its adult films for AI training, judge rules

On June 11, U.S. District Judge Eumi K. Lee filed the order, stating that porn holding company, Strike 3 Holdings, and ...
Nature

‘Every box has been opened’: London botanic gardens digitizes 7 million specimens

Digital specimens from one of the world’s largest collections of plant and fungi are being made available to researchers from all over the world, free of charge. The Royal Botanic Gardens at Kew in ...
GitHub

lenucksi/aur-malware-check

Detection and analysis tools for the atomic-lockfile supply-chain attack on the Arch User Repository (AUR). This is a collection of all the scattered resources, especially the ones in the detection ...