ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...

Reprompt attack let hackers hijack Microsoft Copilot sessions

Researchers identified an attack method dubbed "Reprompt" that could allow attackers to infiltrate a user's Microsoft Copilot ...

Your Copilot data can be hijacked with a single click - here's how

Attackers could pull sensitive Copilot data, even after the window closed. Researchers have revealed a new attack that requires only one click to execute, bypassing Microsoft Copilot security controls ...
The Register on MSN

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group Vulnerabilities in popular AI and ...