Search

bleepingcomputer.com › news › security

New Fragnesia Linux flaw lets attackers gain root privileges

…New Linux 'Dirty Frag' zero-day gives root on all major distros CISA says ‘Copy Fail’ flaw now exploited to root Linux systems New Linux ‘Copy Fail’ flaw gives hackers root on…

May 14, 2026 · Sergiu Gatlan

Top stories

bleepingcomputer.com

CISA orders feds to patch actively exploited Ivanti flaw by Sunday

1d ago

bleepingcomputer.com

CISA tells govt agencies to patch critical exploited flaws in 3 days

2d ago

bleepingcomputer.com

CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day

4d ago

bleepingcomputer.com

CISA warns of active attacks exploiting Android, Linux bugs

1w ago

bleepingcomputer.com › news › security

New Linux 'Dirty Frag' zero-day gives root on all major distros

…Exploit available for new DirtyDecrypt Linux root escalation flaw New Fragnesia Linux flaw lets attackers gain root privileges Recently leaked Windows zero-days now exploited in attacks CISA says ‘Copy Fail’ flaw…

May 8, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks

…The earliest date for observed exploitation was May 17, 2026," explains Rapid7 . "As of May 29, 2026,  this vulnerability has been added to the CISA KEV." According to Rapid7, the attacks began…

May 30, 2026 · Lawrence Abrams

bleepingcomputer.com › news › security

Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks

…Ivanti fixes EPMM zero-days chained in code execution attacks CISA flags new SD-WAN flaw as actively exploited in attacks Ransomware gang exploits Cisco flaw in zero-day attacks since January…

May 14, 2026 · Lawrence Abrams

bleepingcomputer.com › news › security

SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA

…While SAP hasn't found evidence that any of the vulnerabilities patched today were exploited in the wild, CISA has added 14 SAP security flaws to its Known Exploited Vulnerabilities catalog in…

May 12, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Path traversal flaw in AI dev platform Langflow exploited in attacks

…Cybersecurity & Infrastructure Security Agency (CISA) also warned about active exploitation of CVE-2025-3248 , for which Condon says VulnCheck continues to observe activity, including activity linked to the Iranian threat group MuddyWater…

Jun 10, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Ubiquiti patches three max severity UniFi OS vulnerabilities

…Cybersecurity and Infrastructure Security Agency (CISA) also added a critical command injection flaw ( CVE-2010-5330 ) in Ubiquiti AirOS to its catalog of actively exploited vulnerabilities and ordered federal agencies to secure…

May 22, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Max-severity flaw in ChromaDB for AI apps allows server hijacking

…18-year-old NGINX vulnerability allows DoS, potential RCE 13-year-old bug in ActiveMQ lets hackers remotely execute commands Max severity Flowise RCE vulnerability now exploited in attacks CISA: New Langflow…

May 19, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Cisco warns of critical Unified CM flaw with PoC exploit code

…Cybersecurity and Infrastructure Security Agency (CISA) tagged 91 Cisco vulnerabilities as actively exploited in the wild, six of which have been used by various ransomware operations. Test every layer before attackers do…

Jun 4, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

New critical Exim mailer flaw allows remote code execution

…13-year-old bug in ActiveMQ lets hackers remotely execute commands Max severity Flowise RCE vulnerability now exploited in attacks CISA: New Langflow flaw actively exploited to hijack AI workflows Fortinet warns…

May 13, 2026 · Bill Toulas