Category: Bleeping Computer

Copilot
06
Jan
2026

Are Copilot prompt injection flaws vulnerabilities or AI limits?

Microsoft has pushed back against claims that multiple prompt injection and sandbox-related issues raised by a security engineer in its…

Share: X : Are Copilot prompt injection flaws vulnerabilities or AI limits?Facebook : Are Copilot prompt injection flaws vulnerabilities or AI limits?Linkedin : Are Copilot prompt injection flaws vulnerabilities or AI limits?Reddit : Are Copilot prompt injection flaws vulnerabilities or AI limits?Telegram : Are Copilot prompt injection flaws vulnerabilities or AI limits?WhatsApp : Are Copilot prompt injection flaws vulnerabilities or AI limits?Email : Are Copilot prompt injection flaws vulnerabilities or AI limits?
Cloud file-sharing sites targeted for corporate data theft attacks
06
Jan
2026

Cloud file-sharing sites targeted for corporate data theft attacks

A threat actor known as Zestix has been offering to sell corporate data stolen from dozens of companies likely after breaching…

Share: X : Cloud file-sharing sites targeted for corporate data theft attacksFacebook : Cloud file-sharing sites targeted for corporate data theft attacksLinkedin : Cloud file-sharing sites targeted for corporate data theft attacksReddit : Cloud file-sharing sites targeted for corporate data theft attacksTelegram : Cloud file-sharing sites targeted for corporate data theft attacksWhatsApp : Cloud file-sharing sites targeted for corporate data theft attacksEmail : Cloud file-sharing sites targeted for corporate data theft attacks
Windows BSOD
06
Jan
2026

ClickFix attack uses fake Windows BSOD screens to push malware

A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of Death…

Share: X : ClickFix attack uses fake Windows BSOD screens to push malwareFacebook : ClickFix attack uses fake Windows BSOD screens to push malwareLinkedin : ClickFix attack uses fake Windows BSOD screens to push malwareReddit : ClickFix attack uses fake Windows BSOD screens to push malwareTelegram : ClickFix attack uses fake Windows BSOD screens to push malwareWhatsApp : ClickFix attack uses fake Windows BSOD screens to push malwareEmail : ClickFix attack uses fake Windows BSOD screens to push malware
Brightspeed
05
Jan
2026

US broadband provider Brightspeed investigates breach claims

Brightspeed, one of the largest fiber broadband companies in the United States, is investigating security breach and data theft claims…

Share: X : US broadband provider Brightspeed investigates breach claimsFacebook : US broadband provider Brightspeed investigates breach claimsLinkedin : US broadband provider Brightspeed investigates breach claimsReddit : US broadband provider Brightspeed investigates breach claimsTelegram : US broadband provider Brightspeed investigates breach claimsWhatsApp : US broadband provider Brightspeed investigates breach claimsEmail : US broadband provider Brightspeed investigates breach claims
NordVPN
05
Jan
2026

NordVPN denies breach claims, says attackers have “dummy data”

NordVPN denied allegations that its internal Salesforce development servers were breached, saying that cybercriminals obtained “dummy data” from a trial…

Share: X : NordVPN denies breach claims, says attackers have “dummy data”Facebook : NordVPN denies breach claims, says attackers have “dummy data”Linkedin : NordVPN denies breach claims, says attackers have “dummy data”Reddit : NordVPN denies breach claims, says attackers have “dummy data”Telegram : NordVPN denies breach claims, says attackers have “dummy data”WhatsApp : NordVPN denies breach claims, says attackers have “dummy data”Email : NordVPN denies breach claims, says attackers have “dummy data”
VSCode IDE forks expose users to
05
Jan
2026

VSCode IDE forks expose users to “recommended extension” attacks

Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions that are non-existent in…

Share: X : VSCode IDE forks expose users to “recommended extension” attacksFacebook : VSCode IDE forks expose users to “recommended extension” attacksLinkedin : VSCode IDE forks expose users to “recommended extension” attacksReddit : VSCode IDE forks expose users to “recommended extension” attacksTelegram : VSCode IDE forks expose users to “recommended extension” attacksWhatsApp : VSCode IDE forks expose users to “recommended extension” attacksEmail : VSCode IDE forks expose users to “recommended extension” attacks
CISOs on the line header
05
Jan
2026

Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the Outcome

By Itamar Apelblat, CEO & Co-founder, Token Security If you are a CISO today, agentic AI probably feels familiar in…

Share: X : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the OutcomeFacebook : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the OutcomeLinkedin : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the OutcomeReddit : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the OutcomeTelegram : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the OutcomeWhatsApp : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the OutcomeEmail : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the Outcome
Ledger customers impacted by third-party Global-e data breach
05
Jan
2026

Ledger customers impacted by third-party Global-e data breach

Ledger is informing some customers that their personal data has been exposed after hackers breached the systems of third-party payment…

Share: X : Ledger customers impacted by third-party Global-e data breachFacebook : Ledger customers impacted by third-party Global-e data breachLinkedin : Ledger customers impacted by third-party Global-e data breachReddit : Ledger customers impacted by third-party Global-e data breachTelegram : Ledger customers impacted by third-party Global-e data breachWhatsApp : Ledger customers impacted by third-party Global-e data breachEmail : Ledger customers impacted by third-party Global-e data breach
Hacker holding hands up
04
Jan
2026

Hackers claim Resecurity hack, firm says it was a honeypot

Update: Article updated to reflect that the ShinyHunters says they were not involved in this activity. We have updated our…

Share: X : Hackers claim Resecurity hack, firm says it was a honeypotFacebook : Hackers claim Resecurity hack, firm says it was a honeypotLinkedin : Hackers claim Resecurity hack, firm says it was a honeypotReddit : Hackers claim Resecurity hack, firm says it was a honeypotTelegram : Hackers claim Resecurity hack, firm says it was a honeypotWhatsApp : Hackers claim Resecurity hack, firm says it was a honeypotEmail : Hackers claim Resecurity hack, firm says it was a honeypot
Hacker holding hands up
03
Jan
2026

ShinyHunters claims Resecurity hack, firm says it’s a honeypot

The ShinyHunters hacking group claims it breached the systems of cybersecurity firm Resecurity and stole internal data, while Resecurity says…

Share: X : ShinyHunters claims Resecurity hack, firm says it’s a honeypotFacebook : ShinyHunters claims Resecurity hack, firm says it’s a honeypotLinkedin : ShinyHunters claims Resecurity hack, firm says it’s a honeypotReddit : ShinyHunters claims Resecurity hack, firm says it’s a honeypotTelegram : ShinyHunters claims Resecurity hack, firm says it’s a honeypotWhatsApp : ShinyHunters claims Resecurity hack, firm says it’s a honeypotEmail : ShinyHunters claims Resecurity hack, firm says it’s a honeypot
Covenant Health says May data breach impacted nearly 478,000 patients
02
Jan
2026

Covenant Health says May data breach impacted nearly 478,000 patients

The Covenant Health organization has revised to nearly 500,000 the number of individuals affected by a data breach discovered last…

Share: X : Covenant Health says May data breach impacted nearly 478,000 patientsFacebook : Covenant Health says May data breach impacted nearly 478,000 patientsLinkedin : Covenant Health says May data breach impacted nearly 478,000 patientsReddit : Covenant Health says May data breach impacted nearly 478,000 patientsTelegram : Covenant Health says May data breach impacted nearly 478,000 patientsWhatsApp : Covenant Health says May data breach impacted nearly 478,000 patientsEmail : Covenant Health says May data breach impacted nearly 478,000 patients
LastPass theft
02
Jan
2026

Cryptocurrency theft attacks traced to 2022 LastPass breach

Blockchain investigation firm TRM Labs says ongoing cryptocurrency thefts have been traced to the 2022 LastPass breach, with attackers draining…

Share: X : Cryptocurrency theft attacks traced to 2022 LastPass breachFacebook : Cryptocurrency theft attacks traced to 2022 LastPass breachLinkedin : Cryptocurrency theft attacks traced to 2022 LastPass breachReddit : Cryptocurrency theft attacks traced to 2022 LastPass breachTelegram : Cryptocurrency theft attacks traced to 2022 LastPass breachWhatsApp : Cryptocurrency theft attacks traced to 2022 LastPass breachEmail : Cryptocurrency theft attacks traced to 2022 LastPass breach