Search

bleepingcomputer.com › news › linux

Exploit released for new PinTheft Arch Linux root escalation flaw

…The vulnerability, named PinTheft by the V12 security team and still waiting to be assigned a CVE ID for easier tracking, exists in the Linux kernel's RDS (Reliable Datagram Sockets) and…

May 20, 2026 · Sergiu Gatlan

Top stories

bleepingcomputer.com

Reducing security operations complexity with Wazuh Cloud

1d ago

bleepingcomputer.com

Why the browser is now the front line for AI security

1w ago

bleepingcomputer.com

Microsoft fixes KB5089549 Windows security update install issues

1w ago

bleepingcomputer.com › news › security

Drupal critical update to fix bug with high exploitation risk

…According to the public service announcement , the vulnerability affects Drupal core versions 8 and later, but the advisory clarifies that not all configurations are impacted. Security updates will be available for the…

May 20, 2026 · Bill Toulas

bleepingcomputer.com › news › security

New Linux 'Dirty Frag' zero-day gives root on all major distros

…CISA added Copy Fail to its Known Exploited Vulnerabilities (KEV) Catalog last Friday, ordering federal agencies to secure their Linux devices within two weeks, by May 15. "This type of vulnerability is…

May 8, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › microsoft

Microsoft releases Windows 10 KB5087544 extended security update

…With today's May 2026 Patch Tuesday , Microsoft has fixed 120 vulnerabilities. The complete list of fixes in KB5087544 is listed below: [Remote Desktop security warnings (known issue)]  Fixed: The Remote Desktop…

May 12, 2026 · Lawrence Abrams

bleepingcomputer.com › news › security

Palo Alto Networks firewall zero-day exploited for nearly a month

…Cybersecurity and Infrastructure Security Agency (CISA) also added the CVE-2026-0300 zero-day to its Known Exploited Vulnerabilities (KEV) Catalog and ordered Federal Civilian Executive Branch (FCEB) agencies to secure vulnerable…

May 7, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Acer working to patch max severity zero-days in Wave 7 routers

…two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. According to a Friday security advisory , the two security flaws were reported by security researcher Gergo Pap and affect Wave…

Jun 3, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

18-year-old NGINX vulnerability allows DoS, potential RCE

…of the Common Vulnerability Scoring System (CVSS). Three more memory corruption security issues were discovered in the same six-hour code scanning session by researchers at AI-native security company DepthFirst AI…

May 14, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Ivanti warns of new EPMM flaw exploited in zero-day attacks

…today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) exploited in zero-day attacks. The security flaw (tracked as CVE-2026-6973) stems from an Improper…

May 7, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Instructure confirms hackers used Canvas flaw to deface portals

Instructure confirms hackers used Canvas flaw to deface portals By Ionut Ilascu May 11, 2026 11:26 AM Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify…

May 11, 2026 · Ionut Ilascu

bleepingcomputer.com › news › security

Windows BitLocker zero-day gives access to protected drives, PoC released

…privilege escalation security issue that could be exploited to obtain a shell with SYSTEM permissions. Chaotic Eclipse describes it as a "Windows CTFMON Arbitrary Section Creation Elevation of Privileges Vulnerability." An unprivileged…

May 13, 2026 · Bill Toulas