Search

bleepingcomputer.com › news › security

CISA warns of another cPanel plugin flaw exploited in attacks

…Key factors to consider when assessing the risks include whether the security flaw is included in CISA's KEV catalog, whether the asset is publicly exposed online, whether exploitation can be automated…

Jun 16, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Australia warns of ClickFix attacks pushing Vidar Stealer malware

Australia warns of ClickFix attacks pushing Vidar Stealer malware By Bill Toulas May 7, 2026 02:00 PM The Australian Cyber Security Center (ACSC) is warning organizations of an ongoing malware campaign…

May 7, 2026 · Bill Toulas

bleepingcomputer.com › news › security

CISA orders feds to patch actively exploited Drupal vulnerability

…security watchdog group Shadowserver now tracks  nearly 670 unpatched Drupal installations exposed online, most of them from North America (272) and Europe (273). ​On Friday, the U.S. Cybersecurity and Infrastructure Security…

May 26, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Japanese energy firm loses drive with data of 10.9 million clients

…Energy Supplier Japan Physical Security Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux…

Jun 11, 2026 · Bill Toulas

bleepingcomputer.com › news › security

CISA flags two-year-old Oracle flaw as actively exploited in attacks

…Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively…

Jun 2, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

US charges Google security engineer with Polymarket insider trading

US charges Google security engineer with Polymarket insider trading By Sergiu Gatlan May 29, 2026 06:11 AM A Google security engineer was charged with insider trading after winning $1.2 million…

May 29, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers

…The Internet intelligence platform Shodan currently tracks over 12,000 Serv-U servers exposed online, and Internet security watchdog Shadowserver just over 3,100 , but there is no information on how many…

Jun 5, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Instructure confirms hackers used Canvas flaw to deface portals

Instructure confirms hackers used Canvas flaw to deface portals By Ionut Ilascu May 11, 2026 11:26 AM Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify…

May 11, 2026 · Ionut Ilascu

bleepingcomputer.com › news › security

Max-severity flaw in ChromaDB for AI apps allows server hijacking

…Users who deploy it locally without exposing the API server online along with those using the Rust front-end, are not affected by CVE-2026-45829. According to HiddenLayer, a vulnerable API…

May 19, 2026 · Bill Toulas

bleepingcomputer.com › news › microsoft

Microsoft: Some Windows PCs fail to install latest monthly updates

…More recently, it resolved another known issue causing failures and 0x800f0922 errors when installing the May 2026 Windows 11 security update ( KB5089549 ). Test every layer before attackers do Security teams log 54…

Jun 10, 2026 · Sergiu Gatlan