Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies that organizations rely on to protect sensitive information. From a report: According to a service alert seen by BleepingComputer, this bug (tracked under CW1226324 and first detected on January 21) affects the Copilot "work tab" chat feature, which incorrectly reads and summarizes emails stored in users' Sent Items and Drafts folders, including messages that carry confidentiality labels explicitly designed to restrict access by automated tools.

Copilot Chat (short for Microsoft 365 Copilot Chat) is the company's AI-powered, content-aware chat that lets users interact with AI agents. Microsoft began rolling out Copilot Chat to Word, Excel, PowerPoint, Outlook, and OneNote for paying Microsoft 365 business customers in September 2025.

An anonymous reader shares a report: A moderator on diyAudio set up an experiment to determine whether listeners could differentiate between audio run through pro audio copper wire, a banana, and wet mud. Spoiler alert: the results indicated that users were unable to accurately distinguish between these different 'interfaces.'

Pano, the moderator who built the experiment, invited other members on the forum to listen to various sound clips with four different versions: one taken from the original CD file, with the three others recorded through 180cm of pro audio copper wire, via 20cm of wet mud, through 120cm of old microphone cable soldered to US pennies, and via a 13cm banana, and 120cm of the same setup as earlier.

Initial test results showed that it's extremely difficult for listeners to correctly pick out which audio track used which wiring setup. "The amazing thing is how much alike these files sound. The mud should sound perfectly awful, but it doesn't," Pano said. "All of the re-recordings should be obvious, but they aren't."

Micron has begun mass production of the 9650 series, the industry's first PCIe 6.0 SSD, capable of sequential read speeds up to 28 GB/s and random read performance of 5.5 million IOPS -- roughly double the throughput of the fastest PCIe 5.0 drives available today.

The drive targets AI and data center workloads and ships in E1.S and E3.S form factors across two variants: the Pro, available in capacities up to 30.72 TB, and the endurance-oriented Max, topping out at 25.6 TB. Both variants share the same peak sequential and random speeds but diverge on mixed workloads and endurance ratings -- the Max 25.6 TB carries a random endurance rating of 140,160 TBW compared to 56,064 TBW on the Pro 30.72 TB.

Power draw holds at 25 watts, unchanged from high-end PCIe 5.0 enterprise SSDs, though the 9650 is Micron's first drive to support liquid cooling alongside air. Consumer platforms are not expected to adopt PCIe 6.0 until 2030.

Valve has updated the Steam Deck website to say that the Steam Deck OLED may be out of stock "intermittently in some regions due to memory and storage shortages." From a report: The PC gaming handheld has been out of stock in the US and other parts of the world for a few days, and thanks to this update, we now know why. The update comes shortly after Valve delayed the Steam Machine, Steam Frame, and Steam Controller from a planned shipping window of early 2026 because of the memory and storage crunch.

"We have work to do to land on concrete pricing and launch dates that we can confidently announce, being mindful of how quickly the circumstances around both of those things can change," Valve said in a post about that announcement from earlier this month. Its goal is to launch that new hardware sometime in the first half of 2026, and the company is working to finalize its plans "as soon as possible."

Sales of refurbished PCs are on the up amid shortages of key components, including memory chips, that are making brand new devices more expensive. From a report: Stats compiled by market watcher Context show sales of refurbished PCs via distribution climbed 7 percent in calendar Q4 across five of the biggest European markets -- Italy, the UK, Germany, Spain, and France.

Affordability is the primary driver in the secondhand segment, the analyst says, with around 40 percent of sales driven by budget-conscious users shopping in the $235 to $355 price band for laptops. The $355 to $475 tier is also expanding -- representing 23 percent of the refurbished market, up from 15 percent a year earlier -- indicating some buyers are prepared to spend a bit more for improved specifications.

IT productivity researcher Erik Brynjolfsson writes in the Financial Times that he's finally found evidence AI is impacting America's economy. This week America's Bureau of Labor Statistics showed a 403,000 drop in 2025's payroll growth — while real GDP "remained robust, including a 3.7% growth rate in the fourth quarter." This decoupling — maintaining high output with significantly lower labour input — is the hallmark of productivity growth. My own updated analysis suggests a US productivity increase of roughly 2.7% for 2025. This is a near doubling from the sluggish 1.4% annual average that characterised the past decade... The updated 2025 US data suggests we are now transitioning out of this investment phase into a harvest phase where those earlier efforts begin to manifest as measurable output.

Micro-level evidence further supports this structural shift. In our work on the employment effects of AI last year, Bharat Chandar, Ruyu Chen and I identified a cooling in entry-level hiring within AI-exposed sectors, where recruitment for junior roles declined by roughly 16% while those who used AI to augment skills saw growing employment. This suggests companies are beginning to use AI for some codified, entry-level tasks.
Or, AI "isn't really stealing jobs yet," according to employment policy analyst Will Raderman (from the American think tank called the Niskanen Center). He argues in Barron's that "there is no clear link yet between higher AI use and worse outcomes for young workers." Recent graduates' unemployment rates have been drifting in the wrong direction since the 2010s, long before generative AI models hit the market. And many occupations with moderate to high exposure to AI disruptions are actually faring better over the past few years. According to recent data for young workers, there has been employment growth in roles typically filled by those with college degrees related to computer systems, accounting and auditing, and market research. AI-intensive sectors like finance and insurance have also seen rising employment of new graduates in recent years. Since ChatGPT's release, sectors in which more than 10% of firms report using AI and sectors in which fewer than 10% reporting using AI are hiring relatively the same number of recent grads.
Even Brynjolfsson's article in the Financial Times concedes that "While the trends are suggestive, a degree of caution is warranted. Productivity metrics are famously volatile, and it will take several more periods of sustained growth to confirm a new long-term trend." And he's not the only one wanting evidence for AI's impact. The same weekend Fortune wrote that growth from AI "has yet to manifest itself clearly in macro data, according to Apollo Chief Economist Torsten Slok." [D]ata on employment, productivity and inflation are still not showing signs of the new technology. Profit margins and earnings forecasts for S&P 500 companies outside of the "Magnificent 7" also lack evidence of AI at work... "After three years with ChatGPT and still no signs of AI in the incoming data, it looks like AI will likely be labor enhancing in some sectors rather than labor replacing in all sectors," Slok said.

"A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks," reports the Register. Researchers at software supply-chain security company ReversingLabs say that the threat actor creates fake companies in the blockchain and crypto-trading sectors and publishes job offerings on various platforms, like LinkedIn, Facebook, and Reddit. Developers applying for the job are required to show their skills by running, debugging, and improving a given project. However, the attacker's purpose is to make the applicant run the code... [The campaign involves 192 malicious packages published in the npm and PyPi registries. The packages download a remote access trojan that can exfiltrate files, drop additional payloads, or execute arbitrary commands sent from a command-and-control server.]

In one case highlighted in the ReversingLabs report, a package named 'bigmathutils,' with 10,000 downloads, was benign until it reached version 1.1.0, which introduced malicious payloads. Shortly after, the threat actor removed the package, marking it as deprecated, likely to conceal the activity... The RAT checks whether the MetaMask cryptocurrency extension is installed on the victim's browser, a clear indication of its money-stealing goals...

ReversingLabs has found multiple variants written in JavaScript, Python, and VBS, showing an intention to cover all possible targets.
The campaign has been ongoing since at least May 2025...

Microsoft has patched a high-severity vulnerability in Windows 11's Notepad that allowed attackers to silently execute local or remote programs when a user clicked a specially crafted Markdown link, all without triggering any Windows security warning.

The flaw, tracked as CVE-2026-20841 and fixed in the February 2026 Patch Tuesday update, stemmed from Notepad's relatively new Markdown support -- a feature Microsoft added after discontinuing WordPad and rewriting Notepad to serve as both a plain text and rich text editor. An attacker only needed to create a Markdown file containing file:// links pointing to executables or special URIs like ms-appinstaller://, and a Ctrl+click in Markdown mode would launch them. Microsoft's fix now displays a warning dialog for any link that doesn't use http:// or https://, though the company did not explain why it chose a prompt over blocking non-standard links entirely. Notepad updates automatically through the Microsoft Store.

An anonymous reader shares a report: Palo Alto Networks opted not to tie China to a global cyberespionage campaign the firm exposed last week over concerns that the cybersecurity company or its clients could face retaliation from Beijing, according to two people familiar with the matter. The sources said that Palo Alto's findings that China was tied to the sprawling hacking spree were dialed back following last month's news, first reported by Reuters, that Palo Alto was one of about 15 U.S. and Israeli cybersecurity companies whose software had been banned by Chinese authorities on national security grounds.

A draft version of the report by Palo Alto's Unit 42, the company's threat intelligence arm, said that the prolific hackers -- dubbed "TGR-STA-1030" in a report published on Thursday of last week -- were connected to Beijing, the two people said. The finished report instead described the hacking group more vaguely as a "state-aligned group that operates out of Asia." Attributing sophisticated hacks is notoriously difficult and debates over how best to assign blame for digital intrusions are common among cybersecurity researchers.

Microsoft is planning to bring smartphone-style app permission prompts to Windows 11, requiring apps to get explicit user consent before they can access sensitive resources like the file system, camera and microphone. The company's Windows Platform engineer Logan Iyer said the move was prompted by applications increasingly overriding user settings, installing unwanted software, and modifying core Windows experiences without permission.

A separate initiative called Windows Baseline Security Mode will enforce runtime integrity safeguards by default, allowing only properly signed apps, services, and drivers to run. Both changes will roll out in phases as part of Microsoft's Secure Future Initiative, which the company launched in November 2023 after a federal review board called its security culture "inadequate."

Google on Tuesday expanded its "Results about you" tool to let users request the removal of Search results containing government-issued ID numbers -- including driver's licenses, passports and Social Security numbers -- adding to the tool's existing ability to flag results that surface phone numbers, email addresses, and home addresses.

The update, announced on Safer Internet Day, is rolling out in the U.S. over the coming days. Google also streamlined its process for reporting non-consensual explicit images on Search, allowing users to select and submit removal requests for multiple images at once rather than reporting them individually.

Microsoft has begun automatically replacing the original Secure Boot security certificates on Windows devices through regular monthly updates, a necessary move given that the 15-year-old certificates first issued in 2011 are set to expire between late June and October 2026.

Secure Boot, which verifies that only trusted and digitally signed software runs before Windows loads, became a hardware requirement for Windows 11. A new batch of certificates was issued in 2023 and already ships on most PCs built since 2024; nearly all devices shipped in 2025 include them by default. Older hardware is now receiving the updated certificates through Windows Update, starting last month's KB5074109 release for Windows 11. Devices that don't receive the new certificates before expiration will still function but enter what Microsoft calls a "degraded security state," unable to receive future boot-level protections and potentially facing compatibility issues down the line.

Windows 10 users must enroll in Microsoft's paid Extended Security Updates program to get the new certificates. A small number of devices may also need a separate firmware update from their manufacturer before the Windows-delivered certificates can be applied.

"They were crouched down like turkeys peeking over the balcony," the county sheriff told Ars Technica. A half hour past midnight, they were skulking through a courthouse in Iowa's Dallas County on September 11 "carrying backpacks that remind me and several other deputies of maybe the pressure cooker bombs." More deputies arrived... Justin Wynn, 29 of Naples, Florida, and Gary De Mercurio, 43 of Seattle, slowly proceeded down the stairs with hands raised. They then presented the deputies with a letter that explained the intruders weren't criminals but rather penetration testers who had been hired by Iowa's State Court Administration to test the security of its court information system. After calling one or more of the state court officials listed in the letter, the deputies were satisfied the men were authorized to be in the building.
But Sheriff Chad Leonard had the men arrested on felony third-degree burglary charges (later reduced to misdemeanor trespassing charges). He told them that while the state government may have wanted to test security, "The State of Iowa has no authority to allow you to break into a county building. You're going to jail."

More than six years later, the Des Moines Register reports: Dallas County is paying $600,000 to two men who sued after they were arrested in 2019 while testing courthouse security for Iowa's Judicial Branch, their lawyer says.

Gary DeMercurio and Justin Wynn were arrested Sept. 11, 2019, after breaking into the Dallas County Courthouse. They spent about 20 hours in jail and were charged with burglary and possession of burglary tools, though the charges were later dropped. The men were employees of Colorado-based cybersecurity firm Coalfire Labs, with whom state judicial officials had contracted to perform an analysis of the state court system's security. Judicial officials apologized and faced legislative scrutiny for how they had conducted the security test.

But even though the burglary charges against DeMercurio and Wynn were dropped, their attorney previously said having a felony arrest on their records made seeking employment difficult. Now the two men are to receive a total of $600,000 as a settlement for their lawsuit, which has been transferred between state and federal courts since they first filed it in July 2021 in Dallas County. The case had been scheduled to go to trial Monday, Jan. 26 until the parties notified the court Jan. 23 of the impending deal...

"The settlement confirms what we have said from the beginning: our work was authorized, professional, and done in the public interest," DeMercurio said in a statement. "What happened to us never should have happened. Being arrested for doing the job we were hired to do turned our lives upside down and damaged reputations we spent years building...."

"This incident didn't make anyone safer," Wynn said. "It sent a chilling message to security professionals nationwide that helping government identify real vulnerabilities can lead to arrest, prosecution, and public disgrace. That undermines public safety, not enhances it."
County Attorney Matt Schultz said dismissing the charges was the decision of his predecessor, according to the newspaper, and that he believed the sheriff did nothing wrong.

"I am putting the public on notice that if this situation arises again in the future, I will prosecute to the fullest extent of the law."

An anonymous reader shared this report from Bloomberg: An Asian cyber-espionage group has spent the past year breaking into computer systems belonging to governments and critical infrastructure organizations in more than 37 countries, according to the cybersecurity firm Palo Alto Networks, Inc. The state-aligned attackers have infiltrated networks of 70 organizations, including five national law enforcement and border control agencies, according to a new research report from the company. They have also breached three ministries of finance, one country's parliament and a senior elected official in another, the report states. The Santa Clara, California-based firm declined to identify the hackers' country of origin.

The spying operation was unusually vast and allowed the hackers to hoover up sensitive information in apparent coordination with geopolitical events, such as diplomatic missions, trade negotiations, political unrest and military actions, according to the report. They used that access to spy on emails, financial dealings and communications about military and police operations, the report states. The hackers also stole information about diplomatic issues, lurking undetected in some systems for months. "They use highly-targeted and tailored fake emails and known, unpatched security flaws to gain access to these networks," said Pete Renals, director of national security programs with Unit 42, the threat intelligence division of Palo Alto Networks....

Palo Alto Networks researchers confirmed that the group successfully accessed and exfiltrated sensitive data from some victims' email servers.
Bloomberg writes that according to the cybersecurity firm, this campaign targeted government entities in the Czech Republic and the Ministry of Mines and Energy of Brazil, and also "likely compromised" a device associated with a facility operated by a joint venture between Venezuela's government and an Asian tech firm.

The cyberattackers are "also suspected of being active in Germany, Poland, Greece, Italy, Cyprus, Indonesia, Malaysia, Mongolia, Panama, Greece and other countries, according to the report."

Axios reports: Anthropic's latest AI model has found more than 500 previously unknown high-severity security flaws in open-source libraries with little to no prompting, the company shared first with Axios.

Why it matters: The advancement signals an inflection point for how AI tools can help cyber defenders, even as AI is also making attacks more dangerous...

Anthropic debuted Claude Opus 4.6, the latest version of its largest AI model, on Thursday. Before its debut, Anthropic's frontier red team tested Opus 4.6 in a sandboxed environment [including access to vulnerability analysis tools] to see how well it could find bugs in open-source code... Claude found more than 500 previously unknown zero-day vulnerabilities in open-source code using just its "out-of-the-box" capabilities, and each one was validated by either a member of Anthropic's team or an outside security researcher... According to a blog post, Claude uncovered a flaw in GhostScript, a popular utility that helps process PDF and PostScript files, that could cause it to crash. Claude also found buffer overflow flaws in OpenSC, a utility that processes smart card data, and CGIF, a tool that processes GIF files.
Logan Graham, head of Anthropic's frontier red team, told Axios they're considering new AI-powered tools to hunt vulnerabilities. "The models are extremely good at this, and we expect them to get much better still... I wouldn't be surprised if this was one of — or the main way — in which open-source software moving forward was secured."