Search

bleepingcomputer.com › news › security

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

…Although the fix for the issue was released on February 19 in Ghost CMS version 6.19.1 , many sites failed to install the security update. SentinelOne published on February 27 details…

May 24, 2026 · Bill Toulas

Top stories

bleepingcomputer.com

Over 400 Arch Linux packages compromised to push rootkit, infostealer

2d ago

bleepingcomputer.com

New Apple feature automatically changes your compromised passwords

6d ago

bleepingcomputer.com

Hola Browser for Windows compromised to deliver cryptominer

1w ago

bleepingcomputer.com

Red Hat npm packages compromised to steal developer credentials

1w ago

bleepingcomputer.com › news › security

Charter confirms data breach after ShinyHunters extortion threat

…7-Eleven confirms data breach claimed by the ShinyHunters gang 7-Eleven data breach exposes personal information of 185,000 people Instructure reaches 'agreement' with ShinyHunters to stop data leak Home security…

May 26, 2026 · Lawrence Abrams

bleepingcomputer.com › news › security

Nottingham University data breach affects over 450,000 students

…Test every layer before attackers do Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen. The Picus whitepaper shows how breach and…

Jun 11, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Google accidentally exposed details of unfixed Chromium flaw

…The flaw was reported by security researcher Lyra Rebane and acknowledged as valid in December 2022, as per the thread on Chromium Issue Tracker. An attacker could exploit the problem to create…

May 21, 2026 · Bill Toulas

bleepingcomputer.com › news › security

New TCLBanker malware self-spreads over WhatsApp and Outlook

…The new banking trojan was discovered by Elastic Security Labs , whose researchers believe it’s a major evolution of the older Maverick/Sorvepotel malware family. While TCLBanker currently appears focused in Brazil…

May 7, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Dutch govt disrupts malware botnet with 17 million infected devices

…agency, the National Cyber ​​Security Centre (NCSC). According to the authorities, the seized servers controlled "computers, tablets, and smartphones to carry out cyberattacks." Botnets are networks of compromised devices used for illegal…

May 29, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Russian hackers turn Kazuar backdoor into modular P2P botnet

…The leader is essentially one infected system within a compromised environment or network segment, which communicates with the command-and-control (C2) server, receives tasks, and forwards them internally to the other…

May 16, 2026 · Bill Toulas

bleepingcomputer.com › news › security

AI-built ransomware toolkit automates EDR evasion, AD discovery

…Instead, the technology was used to accelerate the iterative process of developing, testing, and refining payloads against security products. AI tools are shortening the period between the publication of offensive security research…

Jun 2, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Fake Claude AI website delivers new 'Beagle' Windows malware

…According to the researchers, NOVupdate.exe  is a signed updater for G Data security solutions that the hacker uses to sideload the malicious  avk.dll  and the encrypted  NOVupdate.exe.dat file…

May 7, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks

…PeopleSoft instance was compromised, and consider temporarily removing affected servers from internet access until the environment can be secured and reviewed. Test every layer before attackers do Security teams log 54% of…

Jun 10, 2026 · Lawrence Abrams