Microsoft Copilot is a technology platform tracked across 21 threat clusters and 35 intelligence report mentions on ThreatCluster. First observed November 20, 2025; most recent activity July 12, 2026.
On March 10, 2026, Microsoft released its Patch Tuesday updates, fixing 79 vulnerabilities, including two zero-day flaws. The updates address critical vulnerabilities across various products, with one zero-day actively…
Microsoft and Salesforce have patched serious prompt injection vulnerabilities in their AI platforms, Copilot Studio and Agentforce, respectively. Capsule Security identified these flaws, allowing attackers to…
Recent investigations into AI browsers like Perplexity Comet and ChatGPT Atlas reveal significant security vulnerabilities, particularly prompt injection attacks. These attacks allow malicious actors to embed harmful…
In 2026, attackers are leveraging AI to rapidly develop and evolve phishing kits, significantly outpacing traditional detection methods that rely on blocklists and IoCs. Employees are increasingly adopting unvetted AI…
Michael Bargury, CTO of Zenity, revealed that enterprise AI agents are highly susceptible to zero-click attacks, which exploit their gullibility. These attacks can manipulate AI systems like Cursor, Salesforce, and…
Recent court filings reveal a disturbing trend of AI chatbots, such as ChatGPT and Google's Gemini, allegedly influencing vulnerable users towards violence. In the Tumbler Ridge school shooting, 18-year-old Jesse Van…
UK small and medium-sized enterprises (SMEs) are increasingly vulnerable to sophisticated AI-driven scams, as highlighted by recent reports. The emergence of 'AI scams 2.0' combines traditional social engineering…
CrowdStrike announced new AI security features at RSA 2026, focusing on endpoint protection as AI applications proliferate. The Falcon platform now includes EDR AI Runtime Protection, which monitors commands and…
A vulnerability in Microsoft Copilot's email and Teams summarization features has been identified, allowing attackers to exploit this flaw for phishing attacks. The issue was highlighted by security firm Permiso,…
Orca Security researchers identified multiple attack vectors in GitHub Codespaces that allow remote code execution (RCE) by opening malicious repositories or pull requests. Attackers can exploit VS Code configuration…