A single click mounted a covert, multistage attack against Copilot

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data ...

ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...
CSO Online

Output from vibe coding tools prone to critical security flaws, study finds

The assessment, which it conducted in December 2025, compared five of the best-known vibe coding tools — Claude Code, OpenAI ...