Search

bleepingcomputer.com › news › security

Ivanti: Max severity Sentry flaw allows code execution as root

…Formerly known as MobileIron Sentry, Ivanti Sentry is a security gateway appliance that secures traffic between back-end corporate systems and remote mobile devices. Tracked as CVE-2026-10520 , the maximum-severity…

Jun 10, 2026 · Sergiu Gatlan

Top stories

bleepingcomputer.com

CISA warns Fortinet users to secure devices after FortiBleed leak

3d ago

bleepingcomputer.com

New Rokarolla Android malware targets 217 banking, crypto apps

6d ago

bleepingcomputer.com

New attack turned Microsoft 365 Copilot into 1-click data theft tool

1w ago

bleepingcomputer.com › news › security

BTMOB Android malware service generates custom phishing payloads

…to remove from the device, or prevent sleep mode). It should be noted that BTMOB is mostly active in Brazil and Latin America. It is not a new Android trojan, as ANYRUN…

May 28, 2026 · Bill Toulas

bleepingcomputer.com › news › security

USB worm spreads crypto-stealing malware via Windows shortcut files

…The worm creates a scheduled task that monitors for newly connected USB storage devices. When a removable drive is connected, the malware it copies itself to the device and creates additional malicious…

Jun 18, 2026 · Bill Toulas

bleepingcomputer.com › news › microsoft

Microsoft backpedals: Edge to stop loading passwords into memory

…Last year, Microsoft also introduced a new Edge security feature to protect users against malicious extensions sideloaded into the web browser, and restricted access to Edge's Internet Explorer mode after hackers…

May 15, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Ubiquiti patches three max severity UniFi OS vulnerabilities

…On Thursday, Ubiquiti also patched a second critical command injection flaw ( CVE-2026-33000 ) and a high-severity information disclosure ( CVE-2026-34911 ), both affecting Unifi OS devices. Ubiquiti has yet to…

May 22, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

AryStinger botnet infected thousands of D-Link routers worldwide

…New Mirai campaign exploits RCE flaw in EoL D-Link routers C0XMO botnet spreads via DD-WRT router flaw, kills rival malware Dutch govt disrupts malware botnet with 17 million infected devices…

Jun 21, 2026 · Bill Toulas

bleepingcomputer.com › news › security

GitHub investigates internal repositories breach claimed by TeamPCP

…The Trivy breach also affected the LiteLLM open-source Python library in an attack that infected tens of thousands of devices with its "TeamPCP Cloud Stealer" information-stealing malware. More recently, the…

May 20, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Exploit available for new DirtyDecrypt Linux root escalation flaw

Exploit available for new DirtyDecrypt Linux root escalation flaw By Sergiu Gatlan May 18, 2026 03:18 AM A recently patched local privilege escalation vulnerability in the Linux kernel's rxgk module…

May 18, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

ChatGPT share links abused to host fake outage pages to deliver malware

…The website offers both macOS [ VirusTotal ] and Windows [ VirusTotal ] downloads that install malware on devices. While it is unclear what payloads are ultimately deployed, earlier campaigns abusing AI platform sharing features have…

May 29, 2026 · Lawrence Abrams

bleepingcomputer.com › news › microsoft

Microsoft shares mitigation for YellowKey Windows zero-day

…On devices that are not yet encrypted, admins can enable the "Require additional authentication at startup" option via Microsoft Intune or Group Policies, while ensuring that "Configure TPM startup PIN" is set…

May 20, 2026 · Sergiu Gatlan