Search

bleepingcomputer.com › news › security

New critical Exim mailer flaw allows remote code execution

…vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by an unauthenticated remote attacker to execute arbitrary code. Identified as CVE-2026-45185 , the security issue…

May 13, 2026 · Bill Toulas

bleepingcomputer.com › news › security

New Fragnesia Linux flaw lets attackers gain root privileges

…privilege escalation vulnerability now actively exploited in the wild . CISA added Copy Fail to its catalog of flaws exploited in attacks on May 1 and ordered federal agencies to secure their Linux…

May 14, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Critical Everest Forms Pro flaw exploited to take over WordPress sites

…Hackers are actively exploiting a critical vulnerability (CVE-2026-3300) in the Everest Forms Pro plugin, which lets them take complete control of a WordPress website. The security issue affects versions 1…

Jun 6, 2026 · Bill Toulas

bleepingcomputer.com › news › security

KnowledgeDeliver flaw exploited as a zero-day to install web shells

…The topics he writes about include malware, vulnerabilities, exploits and security defenses, as well as research and innovation in information security. His work has been published by Bitdefender, Netgear, The Security Ledger…

May 26, 2026 · Ionut Ilascu

Top stories

bleepingcomputer.com

Why AI-driven threats are exposing the limits of MSP security stacks

2d ago

bleepingcomputer.com

XBOW tests Anthropic's Mythos Preview for offensive security

4d ago

bleepingcomputer.com

ServiceNow discloses security incident exposing customer data

4d ago

bleepingcomputer.com

Reducing security operations complexity with Wazuh Cloud

5d ago

bleepingcomputer.com › news › security

Google patches new Chrome zero-day flaw exploited in the wild

Google patches new Chrome zero-day flaw exploited in the wild By Sergiu Gatlan June 9, 2026 02:56 AM Google has released emergency updates to patch another Chrome zero-day vulnerability…

Jun 9, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA

…While SAP hasn't found evidence that any of the vulnerabilities patched today were exploited in the wild, CISA has added 14 SAP security flaws to its Known Exploited Vulnerabilities catalog in…

May 12, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

WP Maps Pro bug exploited to create admin accounts on WordPress sites

…Researchers at WordPress security company Defiant observed that threat actors are trying to exploit the vulnerability, and blocked more than 3,600 attempts over the past 24 hours. “When the request is…

May 31, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Hackers bypass SonicWall VPN MFA due to incomplete patching

…Hackers used AI to develop zero-day exploit for web admin tool Actively Exploited Authentication Bypass Initial Access Broker MFA Ransomware SonicWall SSL VPN Vulnerability Bill Toulas Bill Toulas is a tech…

May 20, 2026 · Bill Toulas

bleepingcomputer.com › news › security

VS Code zero-day lets hackers steal GitHub tokens in one click

…Gatlan June 3, 2026 02:50 AM A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens…

Jun 3, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Hackers exploit FortiClient EMS flaw to push infostealer malware

Hackers exploit FortiClient EMS flaw to push infostealer malware By Bill Toulas May 28, 2026 01:25 PM Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management…

May 28, 2026 · Bill Toulas