Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...
SecurityWeek

Hackers Exploit Langflow Vulnerability for Remote Code Execution

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

GitHub says hackers stole data from thousands of internal repositories

The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft.

OpenAI says hackers stole some data after latest code security issue

OpenAI said the damage was limited to the employees’ devices and did not affect user data nor its production systems, and none of its intellectual property was stolen.

GitHub Says 3,800 Repositories Breached—TeamPCP Hackers Demand $50,000

A GitHub employee has unwittingly allowed 3,800 internal repositories to be breached after a device compromise with a poisoned VS Code extension.
Forbes

2FA Code Attacks Surge As Russian Hackers Target Microsoft Users

Microsoft 365 is under attack, China and Russia afflited hackers suspected. Updated December 23 with advice from a mobile security solutions expert regarding the Russian device code attacks targeting ...
Wired

Security News This Week: Hackers Are Posting the Claude Code Leak With Bonus Malware

A WIRED investigation based on Department of Homeland Security records this week revealed the identities of paramilitary Border Patrol agents who frequently used force against civilians during ...
Bloomberg L.P.

Security Firm Thwarting Nation-State Hackers Valued at $1 Billion

Socket, a cybersecurity startup that sells technology to help safeguard open-source code against hackers, has raised a new round of funding that values the company at $1 billion. Josh Kushner’s Thrive ...