Microsoft 365 Copilot Bug Exposed Confidential Emails Despite Security Safeguards
Microsoft 365 Copilot has been affected by a bug that caused it to read and summarize confidential emails, even when organizations had safeguards in place to prevent that from happening. The issue involved Copilot’s “work tab” chat feature, which mistakenly accessed emails stored in users’ Sent Items and Drafts folders. Some of these emails were marked with special confidentiality or sensitivity labels meant to block automated tools from processing them, but the bug allowed Copilot to ignore those protections.
Microsoft says the problem was caused by a coding error first detected in late January. The company began rolling out a fix in early February and is monitoring its progress, contacting some affected users to confirm it’s working properly. Microsoft has not said how many customers were impacted or when the issue will be fully resolved, but it has labeled the situation as a limited-service advisory rather than a widespread outage.
Researchers Warn AI Assistants Could Be Misused as Hidden Hacking Channels
Researchers at Check Point have found that AI assistants such as Microsoft Copilot and Grok could be misused by hackers to secretly send and receive commands on infected computers. Instead of having malware connect directly to a hacker-controlled server, which security systems often detect, attackers could route their communications through an AI chatbot’s web interface. In simple terms, the malware asks the AI to fetch information from a specific website, and the AI’s response carries hidden instructions back to the infected machine.
To demonstrate the risk, Check Point built a test program showing how malware could open a hidden web window, communicate with the AI assistant, and extract commands embedded in the AI’s replies. Because AI services are widely trusted and commonly allowed through security filters, this method could let attackers exchange data or steal information without raising immediate red flags. The communication works both ways, creating a back-and-forth channel between the hacker and the victim’s device through the AI platform.
The researchers also noted that this technique may not require special accounts or API keys, making it harder to shut down quickly. While companies like Microsoft and xAI have safety measures in place to block clearly harmful content, Check Point says attackers could disguise their data to bypass those protections. The company shared its findings with the AI providers, and it remains unclear whether additional safeguards have been put in place to prevent this type of abuse.
Hackers Exploited Built-In Password Flaw in Dell Product for Two Years
Security researchers at Google Cloud Mandiant have revealed that a suspected Chinese state-backed hacking group exploited a critical flaw in Dell’s RecoverPoint for Virtual Machines product for nearly two years. The vulnerability, tracked as CVE-2026-22769, involved hard-coded login credentials built directly into the system. By using these built-in credentials, attackers were able to break in, move through networks, install malware, and maintain long-term access. Researchers linked the activity to a group known as UNC6201, which has previously been associated with cyber espionage.
What makes this case especially concerning is that the weakness came “pre-installed” in the product. The system included a hidden administrator username and password that could allow an outside attacker to gain full control, including the highest level of system access. Once inside, the hackers deployed several types of malicious software, including a newly discovered backdoor called Grimbolt, designed to be harder for security experts to analyze. In some cases, the attackers were even able to expand their access into connected VMware virtual systems.
Dell has acknowledged limited active exploitation and is urging customers to update to a fixed version or apply a remediation script immediately. Experts say hard-coded credentials like this often stem from development shortcuts, forgotten test accounts, or legacy code that was never properly cleaned up. While not the most common type of flaw, these built-in passwords can be especially dangerous because they effectively hand attackers the “keys to the front door” if discovered.
Defensible Strategies
Learn from those who have been attacked
Adidas Investigates Third-Party Breach After Hackers Claim Data Theft
Adidas says it is investigating a possible data breach involving one of its independent licensing and distribution partners for martial arts products. The company stressed that the incident did not affect Adidas’ own IT systems, e-commerce platforms, or customer data. However, hackers claim they stole a large amount of information — including names, email addresses, passwords, birthdays, company details, and technical data — from the partner’s systems. Adidas has not confirmed what specific data may have been taken or when the breach occurred.
The claims were posted online by someone linked to Lapsus$, a well-known hacking group that has previously targeted major global companies. Adidas experienced a separate third-party data incident last year as well. Lapsus$ gained notoriety for high-profile cyberattacks between 2021 and 2022 and has since been tied to other hacking collectives. It remains unclear whether the latest claims are fully accurate, and Adidas says its investigation is ongoing.
Hackers Claim 1.7 Million Records Stolen in Alleged CarGurus Breach
CarGurus has reportedly suffered a data breach, with hackers claiming they stole 1.7 million corporate records. The allegation comes from the cybercrime group ShinyHunters, which posted the company on its leak site and threatened to release the data if negotiations are not made by February 20, 2026. The group says the stolen files include personal information and sensitive internal company data. CarGurus has not yet publicly confirmed the breach.
According to the hackers, the intrusion happened on February 13 and was part of a broader hacking campaign. The group says it used voice phishing, tricking employees over the phone into revealing login codes, to gain access to systems protected by popular sign-on services. In recent weeks, ShinyHunters and a related group have claimed responsibility for at least 15 breaches, targeting companies in finance, retail, and technology.
Some of the other organizations recently listed by the hackers include Canada Goose and Figure Technology Solutions. In some cases, companies have said the data came from older incidents or that only limited files were accessed through employee accounts. Security experts warn that these attacks highlight the growing risk of social engineering tactics, where criminals manipulate people, rather than breaking technical defenses, to gain access to sensitive systems.
Claude Sonnet 4.5 Demonstrated Advanced AI-Powered Cyberattacks in Testing
Recent testing showed that the latest Claude Sonnet 4.5 could carry out complex, multistage cyberattacks on networks using only standard, open-source tools, rather than the specialized toolkits earlier models had required. In simulations, the AI was able to move through networks with dozens of computers and even extract sensitive information, demonstrating that AI had become more capable of automating cyber operations without human assistance. This trend highlighted why basic security practices, like quickly applying patches and updates, were more important than ever.
One striking example from the tests showed Sonnet 4.5 successfully simulating the infamous Equifax breach using only a standard Bash shell on a Kali Linux host. The model instantly identified a known vulnerability and wrote code to exploit it without needing extra guidance, illustrating how fast and capable AI agents had become in cyberattacks. Experts warned that this ability could shift the balance of power in cybersecurity, making it critical for organizations to maintain up-to-date defenses and close security gaps promptly.