Technology
Why clicking the wrong Copilot link could put your data at risk
NEWYou can now listen to Fox News articles!
AI assistants are supposed to make life easier. Tools like Microsoft Copilot can help you write emails, summarize documents, and answer questions using information from your own account. But security researchers are now warning that a single bad link could quietly turn that convenience into a privacy risk.
A newly discovered attack method shows how attackers could hijack a Copilot session and siphon data without you seeing anything suspicious on screen.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Because Copilot stays tied to your logged-in Microsoft account, attackers can quietly use your active session to access data in the background. (Photo by Donato Fasano/Getty Images)
What researchers discovered about Copilot links
ILLINOIS DHS DATA BREACH EXPOSES 700K RESIDENTS’ RECORDS
Security researchers at Varonis uncovered a technique they call “Reprompt.” In simple terms, it shows how attackers could sneak instructions into a normal-looking Copilot link and make the AI do things on their behalf.
Here’s the part that matters to you. Microsoft Copilot is connected to your Microsoft account. Depending on how you use it, Copilot can see your past conversations, things you’ve asked it and certain personal data tied to your account. Normally, Copilot has guardrails to prevent sensitive information from leaking. Reprompt showed a way around some of those protections.
The attack starts with just one click. If you open a specially crafted Copilot link sent through email or a message, Copilot can automatically process hidden instructions embedded inside the link. You don’t need to install anything, and there are no pop-ups or warnings. After that single click, Copilot can keep responding to instructions in the background using your already logged-in session. Even closing the Copilot tab does not immediately stop the attack, because the session stays active for a while.
How Reprompt works
Varonis found that Copilot accepts questions through a parameter inside its web address. Attackers can hide instructions inside that address and make Copilot execute them as soon as the page loads.
That alone would not be enough, because Copilot tries to block data leaks. The researchers combined several tricks to get around this. First, they injected instructions directly into Copilot through the link itself. This allowed Copilot to read information it normally shouldn’t share.
Second, they used a “try twice” trick. Copilot applies stricter checks the first time it answers a request. By telling Copilot to repeat the action and double-check itself, the researchers found that those protections could fail on the second attempt.
Third, they showed that Copilot could keep receiving follow-up instructions from a remote server controlled by the attacker. Each response from Copilot helped generate the next request, allowing data to be quietly sent out piece by piece. The result is an invisible back-and-forth where Copilot keeps working for the attacker using your session. From your perspective, nothing looks wrong.
MICROSOFT SOUNDS ALARM AS HACKERS TURN TEAMS PLATFORM INTO ‘REAL-WORLD DANGERS’ FOR USERS
Varonis responsibly reported the issue to Microsoft, and the company fixed it in the January 2026 Patch Tuesday updates. There is no evidence that Reprompt was used in real-world attacks before the fix. Still, this research is important because it shows a bigger problem. AI assistants have access, memory and the ability to act on your behalf. That combination makes them powerful, but also risky if protections fail. As researchers put it, the danger increases when autonomy and access come together.
It’s also worth noting that this issue only affected Copilot Personal. Microsoft 365 Copilot, which businesses use, has extra security layers like auditing, data loss prevention and admin controls.
“We appreciate Varonis Threat Labs for responsibly reporting this issue,” a Microsoft spokesperson told CyberGuy. “We have rolled out protections that address the scenario described and are implementing additional measures to strengthen safeguards against similar techniques as part of our defense-in-depth approach.”
8 steps you can take to stay safe from AI attacks
Even with the fix in place, these habits will help protect your data as AI tools become more common.
1) Install Windows and browser updates immediately
Security fixes only protect you if they’re installed. Attacks like Reprompt rely on flaws that already have patches available. Turn on automatic updates for Windows, Edge, and other browsers so you don’t delay critical fixes. Waiting weeks or months leaves a window where attackers can still exploit known weaknesses.
2) Treat Copilot and AI links like login links
If you wouldn’t click a random password reset link, don’t click unexpected Copilot links either. Even links that look official can be weaponized. If someone sends you a Copilot link, pause and ask yourself whether you were expecting it. When in doubt, open Copilot manually instead.
Even after Microsoft fixed the flaw, the research highlights why limiting data exposure and monitoring account activity still matters as AI tools evolve. (Photographer: Prakash Singh/Bloomberg via Getty Images)
3) Use a password manager to protect your accounts
A password manager creates and stores strong, unique passwords for every service you use. If attackers manage to access session data or steal credentials indirectly, unique passwords prevent one breach from unlocking your entire digital life. Many password managers also warn you if a site looks suspicious or fake.
Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.
4) Enable two-factor authentication on your Microsoft account
Two-factor authentication (2FA) adds a second layer of protection, even if attackers gain partial access to your session. It forces an extra verification step, usually through an app or device, making it much harder for someone else to act as you inside Copilot or other Microsoft services.
5) Reduce how much personal data exists online
Data broker sites collect and resell personal details like your email address, phone number, home address and even work history. If an AI tool or account session is abused, that publicly available data can make the damage worse. Using a data-removal service helps delete this information from broker databases, shrinking your digital footprint and limiting what attackers can piece together.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.
6) Run strong antivirus software on your device
Modern antivirus tools do more than scan files. They help detect phishing links, malicious scripts and suspicious behavior tied to browser activity. Since Reprompt-style attacks start with a single click, having real-time protection can stop you before damage happens, especially when attacks look legitimate.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
7) Regularly review your account activity and settings
Check your Microsoft account activity for unfamiliar logins, locations, or actions. Review what services Copilot can access, and revoke anything you no longer need. These checks don’t take long, but they can reveal issues early, before attackers have time to do serious damage. Here’s how:
Go to account.microsoft.com and sign in to your Microsoft account.
Select Security, then choose View my sign-in activity and verify your identity if prompted.
Review each login for unfamiliar locations, devices, or failed sign-in attempts.
If you see anything suspicious, select This wasn’t me or Secure your account, then change your password immediately and enable two-step verification.
Visit account.microsoft.com/devices and remove any devices you no longer recognize or use.
In Microsoft Edge, open Settings > Appearance > Copilot and Sidebar > Copilot and turn off Allow Microsoft to access page content if you want to limit Copilot’s access.
Review apps connected to your Microsoft account and revoke permissions you no longer need.
A single Copilot link can carry hidden instructions that run the moment you click, without any warning or pop-ups. (iStock)
8) Be specific about what you ask AI tools to do
Avoid giving AI assistants broad authority like “handle whatever is needed.” Wide permissions make it easier for hidden instructions to influence outcomes. Keep requests narrow and task-focused. The less freedom an AI has, the harder it is for malicious prompts to steer it silently.
Kurt’s key takeaway
Reprompt doesn’t mean Copilot is unsafe to use, but it does show how much trust these tools require. When an AI assistant can think, remember and act for you, even a single bad click can matter. Keeping your system updated and being selective about what you click remains just as important in the age of AI as it was before.
Do you feel comfortable letting AI assistants access your personal data, or does this make you more cautious? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Copyright 2026 CyberGuy.com. All rights reserved.
Slay the Spire II launched in early access last week, and it’s already an excellent sequel to one of the best roguelikes of all time. In many ways, it’s very similar to its predecessor. Like Hades II and Hollow Knight: Silksong, Slay the Spire II mostly iterates on an already superb foundation. But it does add online co-op with up to four players. While multiplayer changes the familiar rhythms of Slay the Spire just a bit, it’s still a great way to tackle the arduous climb up the spire.
A round of Slay the Spire II plays essentially the same as the original: In each run, you navigate three different acts across a winding map, slowly making a build by crafting your deck and picking up various perk-giving relics, and fighting enemies, elites, and bosses along the way. Slay the Spire II retains the deliberate, turn-based style of play, meaning that when it’s your turn, you have as much time as you want to decide what to do. Since you can see exactly what your enemies are planning for their next turn, there’s a lot of strategy in deciding how much damage to do and how much defense you might need to set up. Multiplayer adds a slight twist: When it’s your turn, everyone can play simultaneously. That opens up all sorts of new opportunities for planning, but it also requires communication to make sure everyone is using their cards effectively.
My multiplayer partner was my wife, the biggest Slay the Spire fan I know, and on our second run we got a thrilling victory. I played the new Necrobinder character, a necromancer, while she played as the returning Silent, which can make decks built around flurries of shivs. Over the course of the run, we accidentally settled into a strategy where I focused on applying the Vulnerable status to as many enemies as possible before my wife would rain down shivs upon our foes.
Slay the Spire II doesn’t encourage teamwork only in battles. At a campfire rest stop, you can choose to mend a friend’s health to help them out. (Some of the new enemies are tough, so I’m glad this is an option.) You each get a vote on which path to take next on the map. Everyone can draw on the map, too — as I learned many times after seeing the doodles my wife made when I would spend too long in the shop.
Since we had to communicate so much, our winning run took about an hour and a half, slower than how fast I could blast through runs in the first game. When we finally defeated the Act 3 boss, though, it was even more satisfying than most of my solo wins because we did it together. My one complaint is that co-op requires you to each play online on your own copy of the game, and that, because there’s no couch co-op, we each had to play on separate devices even though we were sitting on the couch right next to each other.
Those are annoying tradeoffs, but multiplayer is such a fun addition to Slay the Spire that I don’t mind. I can’t wait to try another multiplayer run and see what challenges — and doodles — are in store for me.
NEWYou can now listen to Fox News articles!
Most people never think about Android security updates until a headline like this appears. Suddenly, your phone, the device you use for messages, banking, photos and work, becomes part of a global cybersecurity story.
That is exactly what happened this week. Google released its latest Android security updates, and they fix a massive 129 vulnerabilities. Even more concerning, one of them is already being exploited by attackers.
The flaw targets a component connected to Qualcomm graphics hardware, and researchers say it has already been used in limited targeted attacks. If you use an Android phone, this is the kind of update you want installed as soon as possible.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter
GOOGLE DISMANTLES 9M-DEVICE ANDROID HIJACK NETWORK
Google’s March Android security update fixes 129 vulnerabilities, including a zero-day flaw already exploited in targeted attacks. (Firdous Nazir/NurPhoto via Getty Images)
Android security flaw already targeted by attackers
One vulnerability in particular has security researchers paying close attention. The flaw is tracked as CVE-2026-21385. Google says there are signs it is already being used in targeted attacks. That makes it a zero-day vulnerability.
In simple terms, attackers discovered the flaw before many devices received a fix. According to Qualcomm, the problem is tied to the graphics processing component inside many of its chipsets. Specifically, the issue involves something called an integer overflow. That technical term means a calculation error can cause memory corruption inside the system. Once that happens, attackers may gain a foothold on the device.
Qualcomm says the flaw impacts 235 different chipsets, which means a large number of Android phones could be affected. Google’s Threat Analysis Group discovered the issue and reported it through coordinated disclosure practices. Qualcomm then worked with device makers to release patches.
Why the Android security vulnerability is dangerous
Several of the patched vulnerabilities allow attackers to execute code remotely or gain elevated privileges on a device. One issue inside the Android System component is especially concerning. Google says it could allow remote code execution without any user interaction.
That means an attacker may exploit the flaw without the victim tapping a link or installing an app. In cybersecurity terms, that type of vulnerability ranks among the most dangerous.
The March Android bulletin addresses ten critical flaws across the System, Framework and Kernel components. These parts sit at the core of Android, so any weakness there can ripple across millions of devices.
ANDROID MALWARE HIDDEN IN FAKE ANTIVIRUS APP
Android users are urged to install the latest security patch as manufacturers roll out updates across devices. (Barrington Coombs/PA Images via Getty Images)
Why some Android phones get security updates faster
Google released two patch levels for this update:
- 2026-03-01 security patch level
- 2026-03-05 security patch level
The second update includes everything in the first, plus fixes for additional hardware components and third-party software. Google Pixel devices typically receive updates immediately. However, many Android users must wait longer.
Phone manufacturers such as Samsung, Motorola and OnePlus often test the patches before releasing them for specific models. Carriers may also delay updates while they verify compatibility. As a result, some users receive security patches quickly while others wait weeks.
How to protect your Android phone from security threats
Security vulnerabilities are a reality in modern software. The good news is that there are several simple steps that can greatly reduce your risk.
1) Install Android updates quickly
Check for updates regularly and install them as soon as they appear. On most devices, go to Settings, tap Security and privacy or Software update, then select Check for updates and install the latest version if one is available. Security updates often fix vulnerabilities that attackers may already be trying to exploit.
2) Avoid apps from unknown sources
Only download apps from trusted stores like Google Play. Third-party app stores pose a higher risk of malware.
3) Keep Google Play Protect enabled
Google Play Protect, which is built-in malware protection for Android devices, scans apps for malicious behavior and warns you if something suspicious appears. It also automatically removes known malware. However, it is important to note that Google Play Protect may not be enough. Historically, it isn’t 100% foolproof at removing all known malware from Android devices. Therefore, we recommend strong antivirus software because it adds another layer of protection by using deeper threat detection, real-time monitoring and broader malware databases that can catch suspicious apps or files that Google Play Protect may overlook. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
4) Use strong device security
Set a strong passcode on your phone and turn on fingerprint or face unlock if your device supports it. This helps keep strangers out of your phone if it is lost or stolen.
5) Be cautious with suspicious links
Many attacks still start with phishing messages. Avoid tapping unknown links in texts, emails, or social media messages.
YOUR PHONE SHARES DATA AT NIGHT: HERE’S HOW TO STOP IT
A critical Android zero-day tied to Qualcomm chipsets could allow attackers to gain a foothold on affected devices. (Donato Fasano/Getty Images)
The bigger picture behind Android security updates
This Android update also highlights how modern mobile security works behind the scenes. Google’s Threat Analysis Group frequently discovers vulnerabilities that may already be used in real-world attacks. Those findings trigger coordinated responses involving chip manufacturers, phone makers and security researchers. In this case, Qualcomm received the report in December and provided fixes to device makers in early 2026.
By the time the public bulletin arrived, patches were already moving through the Android ecosystem. The process may look slow from the outside. In reality, it involves dozens of companies working together to prevent widespread exploitation.
Kurt’s key takeaways
Security updates rarely feel exciting. Yet they play a critical role in protecting billions of smartphones around the world. This latest Android update proves that point clearly. A zero-day flaw tied to Qualcomm graphics hardware was already being targeted before many users even knew it existed. Installing updates quickly remains one of the simplest ways to protect your device and your personal data. Most of the time, the update only takes a few minutes. Those few minutes can block attacks that might otherwise compromise your phone. So the next time your Android device prompts you to install a security patch, the better question may be this:
When your phone asks for a security update, do you install it immediately or tap remind me later? Let us know by writing to us at Cyberguy.com
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter
Copyright 2026 CyberGuy.com. All rights reserved.
The rumored “HomePod with a screen” we’ve heard so much about was reportedly lined up for launch in 2025, and then this spring, and now, according to the latest updates, it’s on the shelf until this fall. Leaker Kosutami posted as much on X last week, and today, Bloomberg reporter Mark Gurman followed up with similar information, saying its robot arm-equipped cousin is now planned for launch in 2027.
That was supposed to be ready by now, but it is now predicted to arrive later this year, along with the iPhone 18 Pro plus 2027 updates for iOS, macOS, and all the rest. He describes a silver aluminum-cased device with a 7-inch screen and USB-C power port running a version of tvOS 27, while new versions of the HomePod speaker and Apple TV 4K box are also waiting in the wings for that Siri update, and a smart home sensor is in the works, too.
Detroit Lions Sign QB Teddy Bridgewater To Backup Jared Goff in 2026
Where the wild things dine: Inside Wolfsbane, San Francisco’s most exciting new restaurant
Maxx Crosby-Ravens Trade Dead, Opening Perfect Cowboys Opportunity
Miami Dolphins Fans Sound Off On The Signing Of QB Malik Willis
Boston Police Blotter: Southie pub brawl leads to alleged stabbing
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Indiana Members Credit Union announced as new anchor tenant at Bottleworks District
Map: 2.3-Magnitude Earthquake Reported North of New York City
Trump stirs GOP primary drama with visit to Massie’s Kentucky home turf
Israeli air strike targets building in south Lebanon
Ed Martin, outspoken Justice Department lawyer, is formally accused of ethical violations | CNN Politics
Trump reveals top issues GOP should focus on to secure midterms victory: ‘I’ve never been more confident’
-
Wisconsin1 week agoSetting sail on iceboats across a frozen lake in Wisconsin
-
Massachusetts1 week agoMassachusetts man awaits word from family in Iran after attacks
-
Maryland1 week agoAM showers Sunday in Maryland
-
Pennsylvania5 days agoPa. man found guilty of raping teen girl who he took to Mexico
-
Florida1 week agoFlorida man rescued after being stuck in shoulder-deep mud for days
-
Detroit, MI5 days agoU.S. Postal Service could run out of money within a year
-
Miami, FL6 days agoCity of Miami celebrates reopening of Flagler Street as part of beautification project
-
Sports6 days agoKeith Olbermann under fire for calling Lou Holtz a ‘scumbag’ after legendary coach’s death