⚠️ GodDamn ransomware is using the PoisonX kernel driver to disable endpoint defenses before encryption.
Symantec says attackers also used AnyDesk, PsExec, and a NirSoft-based credential harvesting toolkit in a June attack.
Read the full story: https://t.co/5ejPa8cdMi
Microsoft says a Copilot bug (CW1226324) let Microsoft 365 Copilot summarize confidential emails, bypassing DLP policies.
Since Jan 21, 2026, emails in Sent Items and Drafts with sensitivity labels were processed in Copilot Chat without permission.
Microsoft fixed the issue on Feb 3 but hasn’t disclosed impact.
🔗 Details → https://t.co/eK3vDIEbgj
⚠️ Microsoft 365 Copilot Flaw Allows AI Assistant to Summarize Sensitive Emails
Source: https://t.co/KiE1xOSrvT
A security flaw in Microsoft 365 Copilot is causing the AI assistant to incorrectly summarize email messages protected by confidentiality sensitivity labels, bypassing configured Data Loss Prevention (DLP) policies dxposing potentially sensitive organizational data to unauthorized AI processing.
According to the incident report, the Copilot "Work Tab" Chat feature is actively summarizing emails that carry a confidential sensitivity label, even when DLP policies are explicitly configured to restrict such processing.
#cybersecuritynews
🛡️ We added Microsoft vulnerability CVE-2024-43468, Notepad++ vulnerability CVE-2025-15556, SolarWinds vulnerability CVE 2025-40536, & Apple vulnerability CVE-2026-20700 to our KEV Catalog. Apply mitigations to protect your org from cyberattacks. https://t.co/myxOwap1Tf
Researchers found the first malicious Microsoft Outlook add-in used in real attacks.
Hackers hijacked an abandoned calendar plug-in, claimed its expired domain, and served a fake Microsoft login—stealing 4,000+ credentials. The add-in still had mailbox read/write permissions.
🔗 Learn how... → https://t.co/PQruhopOTV
Cybercriminal group DarkSpectre is believed to be behind three malicious browser extension campaigns: ShadyPanda, GhostPoster, and Zoom Stealer.
https://t.co/Ihy5GejIlm
One of our most commonly requested features is here...
Generate AI images without sacrificing your privacy. Your prompts are anonymized by us and never used to train the underlying model.
Microsoft is investigating an ongoing DNS outage affecting customers worldwide, preventing them from accessing Microsoft Azure and Microsoft 365 services.
https://t.co/sUQI4yMBuG
Microsoft has released emergency security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code.
https://t.co/zsJSGtuTcR