Search

bleepingcomputer.com › news › security

Max-severity flaw in ChromaDB for AI apps allows server hijacking

…18-year-old NGINX vulnerability allows DoS, potential RCE 13-year-old bug in ActiveMQ lets hackers remotely execute commands Max severity Flowise RCE vulnerability now exploited in attacks CISA: New Langflow…

May 19, 2026 · Bill Toulas

bleepingcomputer.com › news › security

UK fines water supplier $1.3M for exposing data of 664k customers

…UK fines LastPass over 2022 data breach impacting 1.6 million users GM agrees to $12.75M California settlement over sale of drivers’ data Trellix source code breach claimed by RansomHouse hackers…

May 12, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Android 17 to expand banking scam call and privacy protections

…Android will work with banking apps to detect spoofed calls and automatically terminate the connection when a scam is identified. The call's authenticity verification occurs via app-level queries and by…

May 12, 2026 · Bill Toulas

bleepingcomputer.com › news › security

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages By Bill Toulas June 8, 2026 04:41 PM Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of…

Jun 8, 2026 · Bill Toulas

bleepingcomputer.com › news › security

TrickMo Android banker adopts TON blockchain for covert comms

…Telegram Mini Apps abused for crypto scams, Android malware delivery ScarCruft hackers push BirdCall Android malware via game platform China's Apple App Store infiltrated by crypto-stealing wallet apps NGate Android…

May 11, 2026 · Bill Toulas

bleepingcomputer.com › news › security

GitHub announces npm security changes to tackle supply-chain attacks

…These changes can significantly reduce supply-chain attacks by removing the automatic execution of dependency installation scripts, the automatic resolution of Git-based dependencies, and the automatic resolution of remote URL dependencies…

Jun 10, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Over 20,000 Instagram accounts stolen in Meta AI support hack

Over 20,000 Instagram accounts stolen in Meta AI support hack By Sergiu Gatlan June 8, 2026 02:00 AM Meta has revealed that 20,225 Instagram users had their accounts hijacked…

Jun 8, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

OpenClaw AI agent found falling for phishing attacks, spills user data

…New ATHR vishing platform uses AI voice agents for automated attacks New Bluekit phishing service includes an AI assistant, 40 templates Over 20,000 Instagram accounts stolen in Meta AI support hack…

Jun 9, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Dashlane password manager users locked out by brute force attacks

…In a statement to BleepingComputer, the password management service confirmed that the suspensions were part of an automated security response designed to protect against account hijacking. “We can confirm that certain Dashlane…

Jun 1, 2026 · Bill Toulas

bleepingcomputer.com › news › security

New Fragnesia Linux flaw lets attackers gain root privileges

…New Linux 'Dirty Frag' zero-day gives root on all major distros CISA says ‘Copy Fail’ flaw now exploited to root Linux systems New Linux ‘Copy Fail’ flaw gives hackers root on…

May 14, 2026 · Sergiu Gatlan