Search

bleepingcomputer.com › news › microsoft

Critical Windows Netlogon RCE flaw now exploited in attacks

…According to a security advisory published by the company on May 12, the vulnerability was discovered by Windows Attack Research & Protection (WARP), an internal offensive cybersecurity and engineering research team at Microsoft…

Jun 1, 2026 · Sergiu Gatlan

Top stories

bleepingcomputer.com

Why the browser is now the front line for AI security

6d ago

bleepingcomputer.com

Microsoft fixes KB5089549 Windows security update install issues

1w ago

bleepingcomputer.com › news › security

Max-severity flaw in ChromaDB for AI apps allows server hijacking

Max-severity flaw in ChromaDB for AI apps allows server hijacking By Bill Toulas May 19, 2026 06:25 PM A max-severity vulnerability in the latest Python FastAPI version of the…

May 19, 2026 · Bill Toulas

bleepingcomputer.com › news › security

New critical Exim mailer flaw allows remote code execution

…vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by an unauthenticated remote attacker to execute arbitrary code. Identified as CVE-2026-45185 , the security issue…

May 13, 2026 · Bill Toulas

bleepingcomputer.com › news › security

KnowledgeDeliver flaw exploited as a zero-day to install web shells

…The topics he writes about include malware, vulnerabilities, exploits and security defenses, as well as research and innovation in information security. His work has been published by Bitdefender, Netgear, The Security Ledger…

May 26, 2026 · Ionut Ilascu

bleepingcomputer.com › news › security

WP Maps Pro bug exploited to create admin accounts on WordPress sites

…The vulnerability, tracked as CVE-2026-8732, has a critical severity rating and impacts WP Maps Pro versions 6.1.0 and older. It was discovered and reported by security researcher David…

May 31, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Critical Everest Forms Pro flaw exploited to take over WordPress sites

…are actively exploiting a critical vulnerability (CVE-2026-3300) in the Everest Forms Pro plugin, which lets them take complete control of a WordPress website. The security issue affects versions 1.9…

Jun 6, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Hackers bypass SonicWall VPN MFA due to incomplete patching

…SonicWall warned in a security advisory for CVE-2024-12802 that installing the firmware update alone on Gen6 devices does not fully mitigate the vulnerability, and a manual reconfiguration of the LDAP…

May 20, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Cisco warns of unpatched SD-WAN zero-day exploited in attacks

…Cisco vulnerabilities as abused in the wild, four of them in Cisco Catalyst SD-WAN Manager and six others exploited by ransomware operations. Test every layer before attackers do Security teams log…

Jun 5, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

VS Code zero-day lets hackers steal GitHub tokens in one click

…Gatlan June 3, 2026 02:50 AM A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens…

Jun 3, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

How Varonis Atlas integrates Claude Compliance API for AI governance

…and agents for vulnerabilities such as prompt injection and jailbreaks.  In addition, Varonis Atlas can stress-test assistants and agents for vulnerabilities such as prompt injection and jailbreaks.  Secure AI and the…

May 26, 2026