Dark Reading

'Most Severe AI Vulnerability to Date' Hits ServiceNow

ServiceNow tacked agentic AI onto a largely unguarded legacy chatbot, exposing customers' data and connected systems.
The Register on MSN

Windows app forgets how to log in with first security update of the year

January patch trips up Azure Virtual Desktop and Windows 365 authentication Microsoft has kicked off 2026 with another faulty ...

One click is all it takes: How ‘Reprompt’ turned Microsoft Copilot into a data exfiltration tool

A new one-click attack flow discovered by Varonis Threat Labs researchers underscores this fact. ‘Reprompt,’ as they’ve ...

Some Verizon Users Not Impressed by $20 Credit After Outage

A company spokeswoman said “a software issue” was to blame for the outage, which disrupted cellular and data service for over ...
Windows Report

Windows 11 and Server 2025 Updates Get Bigger With New CLFS Security Changes

Microsoft adds HMAC protection to CLFS in Windows 11 25H2 and Server 2025, improving security while increasing disk and I/O ...
CSO Online

January 2026 Microsoft Patch Tuesday: Actively exploited zero day needs attention

Eight critical vulnerabilities and an actively exploited zero day highlight Microsoft’s first Patch Tuesday announcements for ...

Flipping one bit leaves AMD CPUs open to VM vuln

Basically, by flipping a bit – bit 19 of the undocumented core-scoped model-specific register (MSR) 0xC0011029 – the attacker ...
Techlicious

Got That Scary Instagram Password Reset Email? Here's What to Do

Meta fixed a flaw that let hackers send password reset emails to users, but it says no accounts were compromised. Here's what ...
Redmondmag.com

Zero-Day Attack Drives 113-Vulnerability Patch Tuesday Release to Start 2026

Microsoft rang in 2026 with its biggest January Patch Tuesday rollout in four years, shipping fixes for 113 vulnerabilities ...

Microsoft shares 112 vulnerabilities it addressed in January, which is 68 fewer than this time last year

That sounds like a high number of vulnerabilities but it's actually a fairly large drop from this time last year, which saw ...
SecurityWeek

ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Aveva, Phoenix Contact

Industrial giants Siemens, Schneider Electric, Phoenix Contact, and Aveva have published a dozen Patch Tuesday advisories to ...