ZDNET's key takeaways Dubbed "Reprompt," the attack used a URL parameter to steal user data.A single click was enough to trigger the entire attack chain.Attackers could pull sensitive Copilot data, even after the window closed.

Today is Microsoft' 2026 Patch Tuesday with security updates for 114 flaws, including one actively exploited and two publicly disclosed zero-day vulnerabilities.

Microsoft has released fixes for a set of flawed January 2026 security updates that caused authentication and power management issues for some users. The updates are available for Windows client versions 10,

Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; Microsoft patched it in January 2026.

CERT-In issues high-severity alert for Windows 10, Windows 11 and Microsoft Office over CVE-2026-20805 vulnerability. Microsoft confirms exploit in the wild, urges urgent updates.

Learn how Microsoft unites privacy and security through advanced tools and global compliance to protect data and build trust.

As AI-powered cyberattacks become even more autonomous and widespread, cybersecurity teams will need to adapt by becoming faster and more sophisticated in their response capabilities, according to Microsoft security executive Rob Lefferts.

Windows 10 KB5073724 is available, but it shows up only when you subscribe to ESU (Extended Security Updates).