SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...

All In One SEO WordPress Vulnerability Affects Over 3 Million Sites

A vulnerability in the AIOSEO plugin affecting up to 3 million installations adds to the six vulnerabilities found in 2025.

For January, Patch Tuesday starts off with a bang

The latest update from Microsoft deals with 112 flaws, including eight the company rated critical — and three zero-day ...

Exploit code public for critical FortiSIEM command injection flaw

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security ...

One click is all it takes: How ‘Reprompt’ turned Microsoft Copilot into a data exfiltration tool

A new one-click attack flow discovered by Varonis Threat Labs researchers underscores this fact. ‘Reprompt,’ as they’ve ...

This Microsoft Copilot AI attack took a single click to compromise users

Security researchers Varonis have discovered Reprompt, a new way to perform prompt-injection style attacks in Microsoft Copilot which doesn’t include sending an email with a hidden prompt or hiding ...

How this one-click Copilot attack bypassed security controls - and what Microsoft did about it

ZDNET's key takeaways Dubbed "Reprompt," the attack used a URL parameter to steal user data.A single click was enough to ...