Search

bleepingcomputer.com › news › security

Critical vm2 sandbox bug lets attackers execute code on hosts

…However, WebAssembly exception handling can intercept JavaScript errors at a lower level inside Google’s V8 engine, bypassing vm2’s JavaScript-based security defenses. By triggering a specially crafted TypeError using Symbol…

May 6, 2026 · Bill Toulas

Top stories

bleepingcomputer.com

Google patches new Chrome zero-day flaw exploited in the wild

4d ago

bleepingcomputer.com

Google adds Android protection against AI deepfake scam calls

1w ago

bleepingcomputer.com

Google fixes one actively exploited Android zero-day, 124 flaws

1w ago

bleepingcomputer.com › news › security

Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin

…Burst Statistics is a privacy-focused analytics plugin active on 200,000 WordPress sites and marketed as a lightweight alternative to Google Analytics. The flaw, tracked as CVE-2026-8181, was introduced…

May 14, 2026 · Bill Toulas

bleepingcomputer.com › news › security

NFCShare Android malware spreads via fake banking app updates on GitHub

…Android users are advised to source banking apps only from Google Play, enable Play Protect, and be cautious of “verification requests” that prompt NFC card scans. Test every layer before attackers do…

Jun 8, 2026 · Bill Toulas

bleepingcomputer.com › news › security

TeamPCP hackers advertise Mistral AI code repos for sale

…Mistral AI is a French artificial intelligence company founded by former researchers from Google's DeepMind and Meta, which provides open-weight large language models (LLMs), both open source and proprietary.  ​In…

May 14, 2026 · Ionut Ilascu

bleepingcomputer.com › news › security

Over 73,000 French govt employees affected in Tchap messenger breach

…has reached over 300,000 monthly users and now has  over 500,000 downloads  on Google's Play Store. In May, French authorities also  arrested a 15-year-old  suspected of selling…

Jun 12, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

TrickMo Android banker adopts TON blockchain for covert comms

…Android users are advised to only download software from Google Play, limit the number of installed apps on their phones, use apps only from reputable publishers, and ensure that Play Protect is…

May 11, 2026 · Bill Toulas

bleepingcomputer.com › news › security

C0XMO botnet spreads via DD-WRT router flaw, kills rival malware

…Dutch govt disrupts malware botnet with 17 million infected devices US and Canada arrest and charge suspected Kimwolf botnet admin Google accidentally exposed details of unfixed Chromium flaw Russian hackers turn Kazuar…

Jun 7, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Chinese hackers use new Atlas RAT malware in European cyberattacks

…Proofpoint also identified a Python-based loader and information stealer called SilentRunLoader, which steals from Google Chrome credentials, cookies, and browsing data. That malware was deployed against organizations in the United Kingdom…

Jun 3, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Russian hackers turn Kazuar backdoor into modular P2P botnet

…The messages are AES-encrypted and serialized with Google Protocol Buffers (Protobuf). The Worker module performs the actual espionage operations, such as: keylogging capturing screenshots harvesting data from the filesystem performing system…

May 16, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Cisco warns of unpatched SD-WAN zero-day exploited in attacks

…Cisco's Product Security Incident Response Team (PSIRT) became aware of CVE-2026-20245 exploitation in June after Google Cloud cybersecurity subsidiary Mandiant reported the flaw but did not share any details…

Jun 5, 2026 · Sergiu Gatlan