Search

bleepingcomputer.com › news › security

Microsoft Self-Service Password Reset abused in Azure data theft attacks

…Microsoft tracks the actor as Storm-2949 and says that the purpose of the attacks is "to exfiltrate as much sensitive data from a target organization’s high-value assets as possible…

May 19, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Drupal critical update to fix bug with high exploitation risk

…The Drupal content management system (CMS) is very popular among large organizations as well as in the government, education, and healthcare sectors. According to the public service announcement , the vulnerability affects Drupal…

May 20, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Netherlands seizes 800 servers of hosting firm enabling cyberattacks

…The same outlet alleges that Danish authorities and infrastructure providers linked WorkTitans to attacks by the pro-Russian hacktivist group NoName057(16), which has previously targeted key organizations with distributed denial-of…

May 22, 2026 · Bill Toulas

bleepingcomputer.com › news › artificial-intelligence

Anthropic confirms Claude Mythos-class models will roll out to the public

…Anthropic says it is already allowing a small number of organizations to use Claude Mythos preview for cybersecurity work, but it is unclear if the same model will be rolled out to…

May 28, 2026 · Mayank Parmar

bleepingcomputer.com › news › security

CISA warns of active attacks exploiting Android, Linux bugs

…According to past reports from Aqua Security and Palo Alto Networks , the issue primarily impacts containerized environments using cgroups v1, and is especially dangerous when containers are granted elevated capabilities. The Linux…

Jun 3, 2026 · Bill Toulas

bleepingcomputer.com › news › security

From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market

…What is DDoS? A DDoS attack attempts to overwhelm a website, application, network, or server with traffic from many sources at once. Some attacks target network capacity, while others focus on application…

May 29, 2026

bleepingcomputer.com › news › security

AI-built ransomware toolkit automates EDR evasion, AD discovery

…The discovery in Cobalt Strike operator logs of entries pointing to a ransom note and details on multiple organizations listed on a ransomware data leak site clarified that the framework was used…

Jun 2, 2026 · Bill Toulas

bleepingcomputer.com › news › security

WP Maps Pro bug exploited to create admin accounts on WordPress sites

…The plugin is typically used by businesses, real estate websites, travel sites, directories, and organizations that need to display multiple locations on a map, and has over 15,800 sales on the…

May 31, 2026 · Bill Toulas

bleepingcomputer.com › news › security

How SIEM helps MSPs reduce noise and stop threats faster

…One tool was added for endpoint visibility, another for cloud monitoring and another for email security or network traffic analysis. Individually, these tools may generate useful detections, but they rarely work together…

May 28, 2026

bleepingcomputer.com › news › security

Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight

…Stolen credentials, established persistence, network recon, pivoting to a high-value target cash out. These techniques are well documented; we have attack frameworks and well-documented kill chains for their techniques. What…

May 14, 2026