Search

bleepingcomputer.com › news › security

New Prinz Eugen ransomware prioritizes recent files for encryption

…According to the researchers, initial access is likely achieved through stolen RDP credentials, followed by the manual download and execution of the main payload, ‘servertool.exe.’ In an investigated incident, the researchers…

Jun 20, 2026 · Bill Toulas

Top stories

androidauthority.com

Another LastPass security breach traces back to a compromised vendor

4d ago

aws.amazon.com

Amazon GuardDuty AI-powered investigations accelerate threat response (Preview) - AWS

5d ago

arstechnica.com › security › 2026 › …

Dozens of Red Hat packages backdoored through its official NPM channel

…That means employees should drop whatever they’re doing at the moment and investigate thoroughly. In a recent supply-chain attack that hit Checkmarx, the security firm failed to fully drive out…

Jun 1, 2026 · Dan Goodin

bleepingcomputer.com › news › security

Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks

…the security incident, with Huntress stating that their Salesforce data was stolen in the attack. Salesforce has since disabled the Klue Battlecards integration on its platform while the breach is investigated. "To…

Jun 18, 2026 · Lawrence Abrams

notebookcheck.net

ShinyHunters confirms theft of 6 million Carnival customer records after April breach

…On April 14, Carnival's security team spotted something wrong with a single employee account. A social engineering call was all it took to get inside. By April 22, internal investigators confirmed…

Jun 1, 2026 · Darryl Linington

bleepingcomputer.com › news › security

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

…many sites failed to install the security update. SentinelOne published on February 27 details about CVE-2026-26980 being exploited in attacks and how incidents can be detected. The researchers observed at…

May 24, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Securing the service desk: Why social engineering attacks keep succeeding

…Secure your Active Directory passwords with Specops Password Policy Verizon’s Data Breach Investigation Report found stolen credentials are involved in 44.7% of breaches.  Effortlessly secure Active Directory with compliant password…

Jun 24, 2026

bleepingcomputer.com › news › security

Stealthy Mistic backdoor linked to ransomware access broker KongTuke

…In at least one incident, it was deployed shortly after ModeloRAT, a backdoor attributed to KongTuke and delivered via social engineering attacks over Microsoft Teams. Symantec believes that Mistic is a newly…

Jun 24, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Race Against Time: Why Faster Vulnerability Alerts Matter

…A single missed alert, delayed patch, or overlooked notification can open the door to serious security incidents. This is where many in-house vulnerability management processes begin to struggle. While they may…

Jun 1, 2026

tomshardware.com › networking

Finland charges Russian captain and crew member of ship suspected of damaging undersea cables — prosecutors claim ship had eight more targets before it was stopped by coast guard

…are facing, although Finland failed to secure a conviction, as the court said that it did not have jurisdiction over the case because the incident happened outside of Finnish territorial waters. The…

Jun 16, 2026 · Jowi Morales

bleepingcomputer.com › news › security

GitHub links repo breach to TanStack npm supply-chain attack

…GitHub revealed the breach on Tuesday, saying it was investigating claims of unauthorized access to its internal repositories and telling BleepingComputer that the incident resulted from an employee installing a malicious Visual…

May 21, 2026 · Sergiu Gatlan