Search

bleepingcomputer.com › news › security

New critical Exim mailer flaw allows remote code execution

…13-year-old bug in ActiveMQ lets hackers remotely execute commands Max severity Flowise RCE vulnerability now exploited in attacks CISA: New Langflow flaw actively exploited to hijack AI workflows Fortinet warns…

May 13, 2026 · Bill Toulas

Top stories

bleepingcomputer.com

Cisco warns of unpatched SD-WAN zero-day exploited in attacks

1d ago

bleepingcomputer.com

CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers

1d ago

bleepingcomputer.com

Cisco warns of critical Unified CM flaw with PoC exploit code

2d ago

bleepingcomputer.com

CISA warns of active attacks exploiting Android, Linux bugs

3d ago

bleepingcomputer.com › news › security

New Linux 'Dirty Frag' zero-day gives root on all major distros

…Security researcher Hyunwoo Kim, who disclosed it earlier today and published a proof-of-concept (PoC) exploit, says this local privilege escalation was introduced roughly nine years ago in the Linux kernel…

May 8, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Instructure reaches 'agreement' with ShinyHunters to stop data leak

…that data had been stolen in the cyberattack. ​Instructure confirmed to BleepingComputer that ShinyHunters exploited a security issue in the Free-for-Teacher environment, a free, limited version of Canvas LMS for…

May 12, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › software

Dell confirms its SupportAssist software causes Windows BSOD crashes

…Security researchers have also found major security vulnerabilities in the BIOSConnect feature of Dell SupportAssist that would allow remote attackers to execute code within the BIOS of impacted devices. 99% of What…

May 14, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026

…Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own Microsoft warns of Exchange zero-day flaw exploited in attacks Google: Hackers…

May 18, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Google adds Android protection against AI deepfake scam calls

…a warning on your screen advising you to hang up immediately. This proactive alert helps you avoid falling victim to deepfake impersonation and call spoofing in real time." This new security feature…

Jun 3, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

New Fragnesia Linux flaw lets attackers gain root privileges

…CISA added Copy Fail to its catalog of flaws exploited in attacks on May 1 and ordered federal agencies to secure their Linux systems within two weeks, by May 15. "This type…

May 14, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA

…While SAP hasn't found evidence that any of the vulnerabilities patched today were exploited in the wild, CISA has added 14 SAP security flaws to its Known Exploited Vulnerabilities catalog in…

May 12, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Instructure confirms hackers used Canvas flaw to deface portals

…The topics he writes about include malware, vulnerabilities, exploits and security defenses, as well as research and innovation in information security. His work has been published by Bitdefender, Netgear, The Security Ledger…

May 11, 2026 · Ionut Ilascu

bleepingcomputer.com › news › security

Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin

Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin By Bill Toulas May 14, 2026 05:07 PM Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst…

May 14, 2026 · Bill Toulas