🚨 BREAKING: GitHub Copilot #CLI has discovered the innovative new feature of downloading malware! 🤖💻 Because, you know, nothing says "cutting-edge developer tool" like a side of cyber threats. 🙄 Bravo, GitHub, for turning coding into an extreme sport of data exfiltration! 🏆
https://www.promptarmor.com/resources/github-copilot-cli-downloads-and-executes-malware #GitHubCopilot #malware #CyberSecurity #DeveloperTools #Innovation #DataExfiltration #HackerNews #ngated
GitHub Copilot CLI Downloads and Executes Malware

Vulnerabilities in the GitHub Copilot CLI expose users to the risk of arbitrary shell command execution via indirect prompt injection without any user approval. We demonstrate that malware can be downloaded from external servers and executed with no user interaction beyond the initial query to the Copilot CLI.

A Nigerian national was sentenced to 8 years for compromising CPA firms using Warzone RAT.
Attack methodology:
• Targeted spear-phishing (CEO impersonation)
• Domain/email spoofing
• Malicious executable disguised via crypter
• Dropbox-hosted payload delivery
• RAT deployment for lateral movement + data exfil
• Harvesting SSNs + historical tax data
• Filing 1,000+ fraudulent returns
The indictment describes AV evasion and silent RAT installation once the executable was triggered.

Detection questions:
Would EDR behavioral analysis have flagged unusual outbound traffic?
Were macro restrictions or executable policies enforced?
Was there email authentication enforcement (DMARC, SPF, DKIM)?
Was MFA enforced across admin endpoints?

Source: https://www.bleepingcomputer.com/news/security/nigerian-man-gets-eight-years-in-prison-for-hacking-tax-firms/

Financial services remain high-value PII targets.
Drop your technical perspective below.

Follow @technadu for advanced threat intelligence reporting.

#Infosec #ThreatModeling #RAT #EDR #BlueTeam #RedTeam #MalwareAnalysis #PhishingDefense #CyberForensics #DigitalEvidence #DataExfiltration #SOC
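On the email-authentication question above (DMARC, SPF, DKIM), an added example that is not part of the post: a small offline evaluator that reads the three TXT records a domain publishes and reports whether they actually enforce anything, separating hard failures (spoofed mail is delivered or signatures are ignored) from weaker warnings. The record strings, the example.com addresses and the 203.0.113.0/24 range are constructed for the example; a live check would fetch TXT records at the domain, at selector._domainkey.domain and at _dmarc.domain instead of using the embedded strings.

```python
"""Offline check of SPF / DKIM / DMARC TXT records for actual enforcement.

Added example, not from the post. Records below are constructed (documentation
addresses); a real check would resolve the TXT records with a DNS library.
"""


def parse_tags(record: str) -> dict:
    """Split a 'k=v; k=v' tag list (DKIM and DMARC share this syntax)."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def check_spf(record: str) -> list:
    """Return (severity, message) findings for an SPF record."""
    findings = []
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return [("fail", "SPF: record missing or not v=spf1")]
    qualifier, lookups = None, 0
    for term in terms[1:]:
        # Optional qualifier prefix, then mechanism name (before ':' or '=')
        q, body = (term[0], term[1:]) if term[0] in "+-~?" else ("+", term)
        name = body.split(":", 1)[0].split("=", 1)[0].lower()
        if name == "all":
            qualifier = q
        elif name in ("include", "a", "mx", "ptr", "exists", "redirect"):
            lookups += 1  # mechanisms that cost a DNS lookup (RFC 7208 limit: 10)
    if lookups > 10:
        findings.append(("fail", f"SPF: {lookups} lookup mechanisms exceed the limit of 10 (permerror)"))
    if qualifier is None:
        findings.append(("fail", "SPF: no 'all' term, unlisted senders get a neutral result"))
    elif qualifier in "+?":
        findings.append(("fail", f"SPF: '{qualifier}all' does not fail unauthorized senders"))
    elif qualifier == "~":
        findings.append(("warn", "SPF: '~all' is softfail only; move to '-all' once reports are clean"))
    return findings


def check_dkim(record: str) -> list:
    """Return findings for a DKIM public-key record (selector._domainkey)."""
    tags = parse_tags(record)
    if tags.get("v", "DKIM1") != "DKIM1":
        return [("fail", "DKIM: unexpected version tag")]
    findings = []
    if not tags.get("p"):
        findings.append(("fail", "DKIM: empty p= tag, key is revoked; signatures cannot verify"))
    if "y" in tags.get("t", "").split(":"):
        findings.append(("fail", "DKIM: t=y testing flag set, verifiers treat signed mail as unsigned"))
    return findings


def check_dmarc(record: str) -> list:
    """Return findings for a DMARC policy record (_dmarc.domain)."""
    tags = parse_tags(record)
    if tags.get("v") != "DMARC1":
        return [("fail", "DMARC: record missing or not v=DMARC1")]
    findings = []
    policy = tags.get("p", "").lower()
    sub_policy = tags.get("sp", policy).lower()  # sp defaults to p
    try:
        pct = int(tags.get("pct", "100"))
    except ValueError:
        pct = 0
    if policy not in ("quarantine", "reject"):
        findings.append(("fail", f"DMARC: p={policy or 'missing'} is monitor-only; spoofed mail is delivered"))
    if sub_policy not in ("quarantine", "reject"):
        findings.append(("warn", f"DMARC: sp={sub_policy or 'missing'} leaves subdomains unprotected"))
    if pct < 100:
        findings.append(("warn", f"DMARC: pct={pct} applies the policy to only part of the mail stream"))
    if "rua" not in tags:
        findings.append(("warn", "DMARC: no rua= address, so no aggregate reports to spot spoofing"))
    return findings


def assess(spf: str, dkim: str, dmarc: str) -> dict:
    """Combine the three checks; 'enforcing' means no hard failures."""
    findings = check_spf(spf) + check_dkim(dkim) + check_dmarc(dmarc)
    return {"enforcing": not any(sev == "fail" for sev, _ in findings), "findings": findings}


# Constructed records: a monitor-only setup and a hardened one (placeholder key material).
WEAK = {
    "spf": "v=spf1 a mx include:spf.protection.example ?all",
    "dkim": "v=DKIM1; k=rsa; t=y; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A",
    "dmarc": "v=DMARC1; p=none; rua=mailto:dmarc@example.com",
}
STRONG = {
    "spf": "v=spf1 ip4:203.0.113.0/24 include:spf.protection.example -all",
    "dkim": "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A",
    "dmarc": "v=DMARC1; p=reject; sp=reject; pct=100; rua=mailto:dmarc@example.com; adkim=s; aspf=s",
}

if __name__ == "__main__":
    for label, records in (("weak", WEAK), ("strong", STRONG)):
        result = assess(**records)
        print(f"{label}: enforcing={result['enforcing']}")
        for severity, message in result["findings"]:
            print(f"  [{severity}] {message}")
```

The split between "fail" and "warn" is the part worth keeping when adapting this: a `p=none` DMARC policy with perfect SPF and DKIM still delivers spoofed CEO mail, so an SPF-only check would have answered the question above incorrectly.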

ShinyHunters is abusing trusted cloud services to exfiltrate data — blending in to stay invisible. When legit platforms are weaponized, detection must focus on behavior. ☁️🕵️‍♂️ #ThreatActors #DataExfiltration

https://thehackernews.com/2026/01/mandiant-finds-shinyhunters-using.html

Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

Mandiant reports ShinyHunters-linked vishing attacks abusing MFA and SSO to breach SaaS apps, steal data, and extort organizations.

The Hacker News
OpenAI API Logs: Unpatched Data Exfiltration

OpenAI’s API log viewer is vulnerable to a data exfiltration attack, exposing apps and agents that use OpenAI APIs, even if developers (and Agent Builder users) leverage all available defenses. The vulnerability was disclosed to OpenAI, but was closed with the status 'Not applicable' after 4 follow-ups.

A single click mounted a covert, multistage attack against Copilot https://arstechni.ca/kkdK #dataexfiltration #promptinjections #Security #copilot #Biz&IT #LLMs #AI
A single click mounted a covert, multistage attack against Copilot

Exploit exfiltrating data from chat histories worked even after users closed chat windows.

Ars Technica
ChatGPT falls to new data-pilfering attack as a vicious cycle in AI continues https://arstechni.ca/QKxA #dataexfiltration #promptinjections #Security #chatbots #Biz&IT #AI
ChatGPT falls to new data-pilfering attack as a vicious cycle in AI continues

Will LLMs ever be able to stamp out the root cause of these attacks? Possibly not.

Ars Technica
🤖 Oh look, another AI tool built with the security prowess of Swiss cheese 🧀. Notion AI and its fancy billion-dollar acquisition, now with bonus features: data exfiltration galore! 🕵️‍♂️ Because who doesn't enjoy a little unsolicited data sharing? 🙄
https://www.promptarmor.com/resources/notion-ai-unpatched-data-exfiltration #AItools #DataPrivacy #NotionAI #Cybersecurity #DataExfiltration #HackerNews #ngated
Notion AI: Data Exfiltration

Notion AI was susceptible to data exfiltration via indirect prompt injection due to a vulnerability in which AI document edits are saved before user approval.
