Cybersecurity Headlines Copilot summarizes confidential emails, ShinyHunters targets CarGurus, Texas sues TP-Link
18 snips
Feb 19, 2026 A Microsoft Copilot bug exposed summaries of confidential emails. ShinyHunters claims a massive CarGurus data theft. Texas sues TP-Link over alleged router security failures and foreign-linked vulnerabilities. Reports cover a critical Honeywell CCTV bypass and a hotel booking hack that charged one cent. Coverage also includes malware targeting protesters and a Dell zero-day enabling root access.
AI Snips
Chapters
Transcript
Episode notes
Immediately Restrict AI Access To Sensitive Folders
- Audit AI tool access paths and test sensitivity label enforcement across integrated apps.
- Limit AI access to draft and sent folders until vendors confirm patches and controls.
Copilot Bypassed Email Sensitivity Controls
- A Microsoft 365 Copilot code bug let the AI summarize emails marked confidential, bypassing sensitivity labels and DLP policies.
- The flaw affected Copilot Chat Work and exposed sent items and drafts since late January before a fix rollout.
ShinyHunters Claims CarGurus Records
- The ShinyHunters gang claims a CarGurus breach with 1.7 million corporate records and a leak deadline of February 20th.
- CarGurus hasn’t confirmed the breach while ShinyHunters also targeted other firms like Mercer Advisors and Canada Goose.