Search

bleepingcomputer.com › news › security

CISA flags two-year-old Oracle flaw as actively exploited in attacks

…this security flaw can be exploited remotely by threat actors with no privileges in low-complexity attacks targeting systems running Oracle WebLogic Server versions 12.2.1.4.0 and 14.1…

Jun 2, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight

…NMFTA Cybersecurity Conference Tackles Cyber-Enabled Cargo Crime Join your peers for the NMFTA 2026 Cybersecurity Conference to learn about real-world threat intelligence, research, and practical strategies focused on securing connected…

May 14, 2026

bleepingcomputer.com › news › security

Chinese hackers breach REDCap servers, steal medical research

…deploy the InfiniteRed malware and steal sensitive data from a medical institution in North America. Google Threat Intelligence Group (GTIG) researchers attribute the attacks to a threat actor tracked as UNC6508, who…

Jun 15, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Police seize “First VPN” service used in ransomware, data theft attacks

…VPN tools encrypt users’ traffic and hide their real IP addresses. While they are used legitimately to protect privacy on public WiFi, bypass censorship, reduce tracking, and enable secure remote work, threat…

May 21, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Path traversal flaw in AI dev platform Langflow exploited in attacks

…Test every layer before attackers do Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen. The Picus whitepaper shows how breach and…

Jun 10, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Amadey, StealC malware operations disrupted in Operation Endgame action

…Unfortunately, unless arrests are made in the operations, the threat actors commonly rebuild infrastructure to launch new attacks . Test every layer before attackers do Security teams log 54% of successful attacks and…

Jun 24, 2026 · Lawrence Abrams

bleepingcomputer.com › news › security

Over 400 Arch Linux packages compromised to push rootkit, infostealer

…Test every layer before attackers do Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen. The Picus whitepaper shows how breach and…

Jun 12, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Iranian hackers targeted major South Korean electronics maker

…Symantec’s Threat Hunter Team believes the attacker was intelligence-driven, focusing on industrial and intellectual property theft, government espionage, and access to downstream customers or corporate networks. Fortemedia and SentinelOne abuse…

May 13, 2026 · Bill Toulas

bleepingcomputer.com › news › security

FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices.

…The researcher also stated that multiple organizations across Japan, Taiwan, Vietnam, Iraq, and Turkey were fully compromised, including a Turkish NATO defense contractor from which classified documents were allegedly stolen.  Threat intelligence…

Jun 17, 2026 · Lawrence Abrams

bleepingcomputer.com › news › security

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

…XLab threat intelligence researchers at Chinese cybersecurity company Qianxin, who confirmed impact on more than 700 domains, including university portals, AI/SaaS companies, media outlets, fintech firms, security sites, and personal blogs…

May 24, 2026 · Bill Toulas