
Microsoft Copilot Reprompt fix (January 2026 Patch Tuesday)

Security Patch Release
Happening score: 19
2 unique sources, 2 articles

Summary


Microsoft issued a fix for the Reprompt issue in Microsoft Copilot, closing a session-hijack path that could enable invisible data exfiltration. The update landed on January 2026 Patch Tuesday after responsible disclosure, giving defenders a concrete patch point for the prompt-injection flaw. The issue matters because a single click on a crafted link could let an attacker drive Copilot actions inside an authenticated session.

Related Happenings

Google Antigravity prompt-injection fix

Security Patch Release
First: 21.04.2026 13:52 Last: 21.04.2026 13:52 Sources 1

About this happening: **Google** fixed **Antigravity**'s **prompt injection flaw** in **February**, closing a path that could lead to **sandbox escape** and **remote code execution (RCE)**. The patch f...

Microsoft expands Purview DLP enforcement for Copilot across local and cloud Office files

Security Tool/Service
First: 24.02.2026 19:30 Last: 24.02.2026 19:30 Sources 1

About this happening: Microsoft is expanding **Purview DLP** so **Microsoft 365 Copilot** cannot process restricted **Word, Excel, and PowerPoint** files stored on **local devices, SharePoint, or OneDr...

Google Looker security bulletin fix (multiple vulnerabilities)

Security Patch Release
First: 04.02.2026 13:00 Last: 04.02.2026 13:00 Sources 1

About this happening: **Google** issued a security fix for **Looker** in **GCP-2025-052** after **Tenable Research** disclosed **LeakyLooker** findings, a set of **nine cross-tenant vulnerabilities** i...

Notepad++ hit by network compromise

Incident
First: 03.02.2026 06:55 Last: 03.02.2026 06:55 Sources 1

About this happening: The **Notepad++** hosting breach enabled attackers to hijack the software update path and selectively redirect some users to **malicious servers**, creating a **supply-chain** ris...

Latest development: 18.02.2026 09:40

Notepad++ released version 8.9.2 to harden the update mechanism after the hijacked update path was used to deliver targeted malware. The release adds a "double lock" design: it verifies the signed installer downloaded from GitHub and the signed XML returned by the update server at notepad-plus-plus[.]org. It also hardens WinGUp by removing libcurl.dll, removing the CURLSSLOPT_ALLOW_BEAST and CURLSSLOPT_NO_REVOKE options, and restricting plugin management execution to programs signed with the same certificate as WinGUp.

Microsoft Teams adds "Report a Call" for suspicious calls with phased rollout

Security Tool/Service
First: 29.01.2026 16:49 Last: 29.01.2026 16:49 Sources 1

About this happening: Microsoft is adding **"Report a Call"** to **Teams**, letting users flag **suspicious or unwanted calls** as potential **scams or phishing**. The feature is **enabled by default**...

Timeline

  1. 14.01.2026 16:00 1 article · 4mo ago

    Varonis discloses Reprompt Copilot session hijack

    Initial Disclosure

    Varonis researchers disclosed Reprompt to Microsoft on August 31, 2025 after showing that a legitimate URL's q parameter could hide malicious instructions, trigger a single-click Microsoft Copilot session hijack, and enable invisible data exfiltration from an authenticated Copilot session.

  2. 14.01.2026 16:00 3 articles · 4mo ago

    Microsoft ships a fix for Reprompt in Microsoft Copilot

    Mitigation Patch Update

    Microsoft issued a fix for Reprompt on January 2026's Patch Tuesday, closing a Copilot session-hijack path that could keep an authenticated Microsoft Copilot conversation alive after a single click and support invisible data exfiltration.
