Issue #181 - January 12, 2026
- Weekly INK

Updated: Jan 15
'Most Severe AI Vulnerability to Date' Hits ServiceNow
Source: Dark Reading
Authentication issues in ServiceNow potentially opened the door for arbitrary attackers to gain full control over the entire platform and access to the various systems connected to it. ServiceNow is a Fortune 500 company that, according to its promotional materials, acts as an IT services management platform for 85% of the companies that comprise the rest of the Fortune 500.
Microsoft disrupts global cybercrime subscription service responsible for millions in fraud losses
Source: Microsoft
Microsoft is announcing a coordinated legal action in the United States and, for the first time, the United Kingdom to disrupt RedVDS, a global cybercrime subscription service fueling millions in fraud losses. These efforts are part of a broader joint operation with international law enforcement, including German authorities and Europol, which has allowed Microsoft and its partners to seize key malicious infrastructure.
PharMerica Will Pay at Least $5.2M to Settle Hack Lawsuit
Source: Bank Info Security
A pharmacy services firm is paying millions to settle a class-action lawsuit following a massive data theft. This case demonstrates that the cost of a breach goes far beyond immediate IT recovery; legal fees and settlements can threaten the financial stability of any organization handling sensitive customer data.
FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing
Source: The Hacker News
The U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored threat actors leveraging malicious QR codes in spear-phishing campaigns targeting entities in the country. "As of 2025, Kimsuky actors have targeted think tanks, academic institutions, and both U.S. and foreign government entities with embedded malicious Quick Response (QR) codes in spear-phishing campaigns," the FBI said in the flash alert. "This type of spear-phishing attack is referred to as quishing."
New ‘Reprompt’ Attack Silently Siphons Microsoft Copilot Data
Source: SecurityWeek
Security researchers at Varonis have discovered a new attack that allowed them to exfiltrate user data from Microsoft Copilot using a single malicious link. Dubbed Reprompt, the attack bypassed the LLM's data leak protections and allowed for persistent session exfiltration even after the Copilot was closed, Varonis says.



