Search

bleepingcomputer.com › news › linux

Exploit released for new PinTheft Arch Linux root escalation flaw

…The Cybersecurity and Infrastructure Security Agency (CISA) has added Copy Fail to its list of flaws exploited in attacks on May 1 and ordered government agencies to secure their Linux systems within…

May 20, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Trend Micro warns of Apex One zero-day exploited in the wild

…Cybersecurity and Infrastructure Security Agency (CISA) also added CVE-2026-34926 to its list of actively exploited vulnerabilities and ordered federal agencies to patch their devices by June 4. "These types of…

May 22, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Ivanti warns of new EPMM flaw exploited in zero-day attacks

…Cybersecurity and Infrastructure Security Agency (CISA) gave U.S. government agencies 4 days to secure their systems against CVE-2026-1340 attacks. Multiple other Ivanti EPMM zero-days have been exploited in…

May 7, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

KnowledgeDeliver flaw exploited as a zero-day to install web shells

…The topics he writes about include malware, vulnerabilities, exploits and security defenses, as well as research and innovation in information security. His work has been published by Bitdefender, Netgear, The Security Ledger…

May 26, 2026 · Ionut Ilascu

bleepingcomputer.com › news › security

Ubiquiti patches three max severity UniFi OS vulnerabilities

…Cybersecurity and Infrastructure Security Agency (CISA) also added a critical command injection flaw ( CVE-2010-5330 ) in Ubiquiti AirOS to its catalog of actively exploited vulnerabilities and ordered federal agencies to secure…

May 22, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › microsoft

Microsoft warns of Exchange zero-day flaw exploited in attacks

…The security feature was added after many hacking groups exploited ProxyLogon and ProxyShell zero-days (which lacked patches or mitigation information) to breach Internet-exposed Exchange servers. Admins with servers in air…

May 15, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

VS Code zero-day lets hackers steal GitHub tokens in one click

VS Code zero-day lets hackers steal GitHub tokens in one click By Sergiu Gatlan June 3, 2026 02:50 AM A security researcher has released exploit code for a Visual Studio…

Jun 3, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

New Gogs zero-day flaw lets hackers get remote code execution

…On January 12, CISA confirmed Wiz's report that the CVE-2025-8110 was under active exploitation and added the security flaw to its catalog of vulnerabilities exploited in the wild, ordering…

May 28, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › microsoft

Critical Windows Netlogon RCE flaw now exploited in attacks

…On Friday, Belgium's national cybersecurity authority (CCB) warned that attackers are now actively exploiting the CVE-2026-41089 security flaw in the wild and urged admins to immediately patch vulnerable servers…

Jun 1, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › microsoft

Microsoft shares mitigation for YellowKey Windows zero-day

…The security flaw was disclosed last week by an anonymous security researcher known as 'Nightmare Eclipse,' who described it as a backdoor and published a proof-of-concept (PoC) exploit. Nightmare Eclipse…

May 20, 2026 · Sergiu Gatlan