The attack bypassed Copilot’s data leak protections and allowed for session exfiltration even after the Copilot chat was closed. The post New ‘Reprompt’ Attack Silently Siphons Microsoft Copilot Data appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Data Privacy Teams Face Staffing Shortages and Budget Constraints, ISACA Warns
ISACA’s State of Privacy 2026 report reveals that data privacy teams remain understaffed and underfunded, despite growing regulatory demands and rising technical privacy challenges This article has been indexed from www.infosecurity-magazine.com Read the original article: Data Privacy Teams Face Staffing…
Years-Old Vulnerable Apache Struts 2 Versions See 387K Weekly Downloads
Over 387,000 users downloaded vulnerable Apache Struts versions this week. Exclusive Sonatype research reveals a high-risk flaw found by AI. Is your system at risk? This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More…
Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking
Flaws in how 17 models of headphones and speakers use Google’s one-tap Fast Pair Bluetooth protocol have left devices open to eavesdroppers and stalkers. This article has been indexed from Security Latest Read the original article: Hundreds of Millions of…
Microsoft taps UK courts to dismantle cybercrime host RedVDS
Redmond says cheap virtual desktops powered a global wave of phishing and fraud Microsoft has taken its cybercrime fight to the UK in its first major civil action outside the US, moving to shut down RedVDS, a virtual desktop service…
4 Outdated Habits Destroying Your SOC’s MTTR in 2026
It’s 2026, yet many SOCs are still operating the way they did years ago, using tools and processes designed for a very different threat landscape. Given the growth in volumes and complexity of cyber threats, outdated practices no longer fully…
Battling Cryptojacking, Botnets, and IABs [Guest Diary], (Thu, Jan 15th)
[This is a Guest Diary by Matthew Presnal, an ISC intern as part of the SANS.edu BACS program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Battling Cryptojacking, Botnets, and IABs [Guest…
UAT-8837 targets critical infrastructure sectors in North America
Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium confidence is a China-nexus advanced persistent threat (APT) actor. This article has been indexed from Cisco Talos Blog Read the original article: UAT-8837 targets critical infrastructure sectors…
SK Hynix Brings Forward Memory Plans Amid Shortage
Second-largest memory producer to bring forward opening of factory by three months, as AI memory demand pushes up consumer electronics prices This article has been indexed from Silicon UK Read the original article: SK Hynix Brings Forward Memory Plans Amid…
Ofcom keeps X under the microscope despite Grok ‘nudify’ fix
Cold milk poured over ‘spicy mode,’ but it might not be enough to escape a huge fine Ofcom is continuing with its investigation into X, despite the social media platform saying it will block Grok from digitally undressing people.… This…
Central Maine Healthcare Data Breach Impacts 145,000 Individuals
Hackers stole patients’ personal, treatment, and health insurance information from the hospital’s IT systems. The post Central Maine Healthcare Data Breach Impacts 145,000 Individuals appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Central…
Ongoing Web Skimming Operation Quietly Harvests Payment Data From Online Stores
Cybersecurity analysts have identified a sophisticated web skimming operation that has been running continuously since early 2022, silently targeting online checkout systems. The campaign focuses on stealing payment card information and is believed to affect businesses that rely on…
ChatGPT Prepares Cross-Platform Expansion With Project Agora
It appears that OpenAI is quietly setting the foundation for its next significant product evolution, as early technical signals indicate the development of a new cross-platform initiative that is internally codenamed “Agora” and promises to be the next major step…
AWS European Sovereign Cloud puts data, operations, and oversight inside the EU
Amazon has made the AWS European Sovereign Cloud generally available to customers across the European Union, backed by a €7.8 billion investment. According to AWS, the funding will support infrastructure buildout, staffing, and long-term operations, and is expected to drive…
ICE Agent Doxxing Site DDoS-ed Via Russian Servers
DDoS-ers are striking a website linked to a data breach at the Department of Homeland Security This article has been indexed from www.infosecurity-magazine.com Read the original article: ICE Agent Doxxing Site DDoS-ed Via Russian Servers
IT Security News Hourly Summary 2026-01-15 12h : 3 posts
3 posts were published in the last hour 10:32 : X Restricts Sexualised AI Features 10:32 : Lumen disrupts AISURU and Kimwolf botnet by blocking over 550 C2 servers 10:32 : HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive Information
X Restricts Sexualised AI Features
Social media platform X said it would bar users in some jurisdictions from creating sexualised deepfakes, following international criticism This article has been indexed from Silicon UK Read the original article: X Restricts Sexualised AI Features
Lumen disrupts AISURU and Kimwolf botnet by blocking over 550 C2 servers
Lumen’s Black Lotus Labs blocked over 550 C2 servers tied to the AISURU/Kimwolf botnet used for DDoS attacks and proxy abuse. Lumen’s Black Lotus Labs disrupted over 550 command-and-control servers linked to the AISURU and Kimwolf botnet, a major network…
HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive Information
Hewlett Packard Enterprise (HPE) has disclosed four high-severity vulnerabilities in its Aruba Networking Instant On devices that could allow attackers to access sensitive network information and disrupt operations. The security flaws, identified as CVE-2025-37165, CVE-2025-37166, CVE-2023-52340, and CVE-2022-48839, affect devices…
Google Links Gmail, YouTube To AI Queries
Users will be able to link vast amounts of their data, including emails and YouTube viewing history, for personalised responses This article has been indexed from Silicon UK Read the original article: Google Links Gmail, YouTube To AI Queries
AWS flips switch on Euro cloud as customers fret about digital sovereignty
EU-only ops, German subsidiaries, and a pinky promise your data won’t end up in Uncle Sam’s hands Amid continued trade and geopolitical volatility between Europe and the US, Amazon Web Services is making its European Sovereign Cloud generally available today…
VoidLink Linux Malware Framework Targets Cloud Environments
Designed for long-term access, the framework targets cloud and container environments with loaders, implants, and rootkits. The post VoidLink Linux Malware Framework Targets Cloud Environments appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Palo Alto Fixes GlobalProtect DoS Flaw That Can Crash Firewalls Without Login
Palo Alto Networks has released security updates for a high-severity security flaw impacting GlobalProtect Gateway and Portal, for which it said there exists a proof-of-concept (PoC) exploit. The vulnerability, tracked as CVE-2026-0227 (CVSS score: 7.7), has been described as a…
Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud
Microsoft on Wednesday announced that it has taken a “coordinated legal action” in the U.S. and the U.K. to disrupt a cybercrime subscription service called RedVDS that has allegedly fueled millions in fraud losses. The effort, per the tech giant,…