Data Leakage
The latest Data Leakage coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft enforces Azure MFA by October 2025 as Meta patches zero-click WhatsApp flaw CVE-2025-55177, making identity the new enterprise perimeter.
Meta has patched a zero-click vulnerability in WhatsApp that could let attackers execute code without any user interaction, while Microsoft will begin enforcing multi-factor authentication (MFA) for...
Chrome's File Picker Cross-Origin Leak Prompts Emergency Patch for Windows Browsers
A critical logic flaw in Chromium's File Picker—one of the browser's most sensitive UI components—can be weaponized to leak data across origins, forcing Google and Microsoft to ship urgent...
Audit: 9/10 AI Browser Extensions Leak SSNs, Medical Records, and Bank Details
A new cross-national audit found that nine out of ten popular AI-powered browser assistants silently funnel private data—including social security numbers, medical records, and bank details—from...
I Found My ID Cards in Windows Clipboard History—Here’s How to Wipe It Clean
I nearly fell off my chair when I found screenshots of my ID cards pinned in Windows’ Clipboard history — and that moment is the exact reason I wiped my Clipboard history to protect my identity...
Microsoft Patches CVE-2025-53787: BizChat Flaw Exposes Enterprise AI Chat Data
Microsoft has confirmed a new vulnerability, CVE-2025-53787, that allows potential information disclosure through the BizChat feature of Microsoft 365 Copilot, sparking urgent patch deployment across...
CVE-2025-8581: The Low-Risk Chrome Extension Bug That Still Requires an Immediate Update on Edge and Chrome
Google has patched a security vulnerability in Chrome’s Extensions framework that could have allowed attackers to siphon sensitive cross-origin data from unsuspecting users. Tracked as...
Tenable Unveils AI Exposure: New Module Secures ChatGPT and Copilot in Enterprises
Tenable has launched a private customer preview of Tenable AI Exposure, a new module within its Tenable One platform engineered to give organizations visibility and control over generative AI tools...
Sploitlight CVE-2025-31199: A Critical macOS Vulnerability Undermining Privacy and Security
The cybersecurity landscape is evolving at a frenetic pace, and the discovery of CVE-2025-31199—nicknamed the "Sploitlight" vulnerability—underscores just how high the stakes have become in the...
Orchestry’s automation-first suite slashes data sprawl and compliance risks across Microsoft 365.
As Microsoft 365 cements itself as the productivity backbone for organizations worldwide, the challenge of maintaining airtight security and robust governance grows ever more formidable. The cloud...
Enterprises urged to adopt multi-layered AI security as attacks target models and training data.
The integration of artificial intelligence (AI) into enterprise systems presents unprecedented opportunities, but also significant security challenges. As organizations increasingly rely on AI for...
CVE-2025-48823: Critical Windows Cryptographic Vulnerability Explained and Mitigation Steps
A newly discovered cryptographic vulnerability in Windows systems, identified as CVE-2025-48823, has raised significant concerns among cybersecurity professionals. While details remain limited in...
CISA Adds Critical Vulnerabilities to KEV Catalog: Immediate Steps for Organizations
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has escalated its alert level by adding two new critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog,...