BleepingComputer - Latest News and Information
  • All Technology
  • AI
  • Autonomy
  • B2B Growth
  • Big Data
  • BioTech
  • ClimateTech
  • Consumer Tech
  • Crypto
  • Cybersecurity
  • DevOps
  • Digital Marketing
  • Ecommerce
  • EdTech
  • Enterprise
  • FinTech
  • GovTech
  • Hardware
  • HealthTech
  • HRTech
  • LegalTech
  • Nanotech
  • PropTech
  • Quantum
  • Robotics
  • SaaS
  • SpaceTech
AllNewsDealsSocialBlogsVideosPodcastsDigests

Technology Pulse

EMAIL DIGESTS

Daily

Every morning

Weekly

Sunday recap

NewsDealsSocialBlogsVideosPodcasts
BleepingComputer

BleepingComputer

Publication
0 followers

Security news and advisories with gov/infra impact.

Recent Posts

Critical N8n Flaws Disclosed Along with Public Exploits
News•Feb 4, 2026

Critical N8n Flaws Disclosed Along with Public Exploits

Multiple critical flaws identified as CVE‑2026‑25049 let any authenticated n8n user execute arbitrary code on the host server. The vulnerabilities stem from weak sandboxing of user‑written JavaScript and bypass the prior CVE‑2025‑68613 fix. Versions prior to 2.5.2 and 1.123.17 are vulnerable, while n8n released patches in early January 2026. Researchers published detailed attack chains and temporary mitigations, urging immediate updates and credential rotation.

By BleepingComputer
CISA: VMware ESXi Flaw Now Exploited in Ransomware Attacks
News•Feb 4, 2026

CISA: VMware ESXi Flaw Now Exploited in Ransomware Attacks

CISA confirmed that ransomware gangs are exploiting a high‑severity VMware ESXi sandbox‑escape flaw, CVE‑2025‑22225, which Broadcom patched in March 2025 alongside two related vulnerabilities. The vulnerability enables an arbitrary kernel write, allowing attackers with privileged VMX process access to break...

By BleepingComputer
CISA Warns of Five-Year-Old GitLab Flaw Exploited in Attacks
News•Feb 4, 2026

CISA Warns of Five-Year-Old GitLab Flaw Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered all federal agencies to patch the five‑year‑old GitLab SSRF vulnerability (CVE‑2021‑39935) after confirming it is being actively exploited. The flaw, fixed by GitLab in December 2021, allows unauthenticated users to access...

By BleepingComputer
The Double-Edged Sword of Non-Human Identities
News•Feb 4, 2026

The Double-Edged Sword of Non-Human Identities

Flare’s 2025 analysis uncovered more than 10,000 Docker Hub images exposing API keys, cloud tokens, and AI model credentials. The leaks illustrate how non‑human identities—tokens, service accounts, and workload identities—are embedded in containers and can persist for years, as seen...

By BleepingComputer
Microsoft Rolls Out Native Sysmon Monitoring in Windows 11
News•Feb 4, 2026

Microsoft Rolls Out Native Sysmon Monitoring in Windows 11

Microsoft has begun rolling out native Sysmon functionality to Windows 11 Insider builds in the Beta and Dev channels. The built‑in service mirrors the popular Sysinternals Sysmon tool, logging process, file and clipboard events to the Windows Event Log. It remains...

By BleepingComputer
Coinbase Confirms Insider Breach Linked to Leaked Support Tool Screenshots
News•Feb 4, 2026

Coinbase Confirms Insider Breach Linked to Leaked Support Tool Screenshots

Coinbase confirmed an insider breach in which a contractor accessed the personal data of roughly thirty customers. The breach is tied to screenshots of an internal support tool that were leaked earlier this year. The incident occurred in December but...

By BleepingComputer
Wave of Citrix NetScaler Scans Use Thousands of Residential Proxies
News•Feb 3, 2026

Wave of Citrix NetScaler Scans Use Thousands of Residential Proxies

GreyNoise observed a coordinated reconnaissance campaign against Citrix NetScaler from Jan 28 to Feb 2, leveraging over 63,000 residential proxy IPs and a single Azure address. The scans generated 111,834 sessions, with 79% targeting Citrix Gateway honeypots and 64% originating from residential...

By BleepingComputer
Iron Mountain: Data Breach Mostly Limited to Marketing Materials
News•Feb 3, 2026

Iron Mountain: Data Breach Mostly Limited to Marketing Materials

Iron Mountain disclosed that the recent breach claimed by the Everest extortion gang was confined to a single folder of marketing materials on a public‑facing file‑sharing server. Attackers used a compromised login credential but did not deploy ransomware or access...

By BleepingComputer
Hackers Exploit Critical React Native Metro Bug to Breach Dev Systems
News•Feb 3, 2026

Hackers Exploit Critical React Native Metro Bug to Breach Dev Systems

Hackers are exploiting the critical CVE‑2025‑11953 flaw in the React Native Metro bundler to gain unauthenticated command execution on development machines. The vulnerability resides in the /open‑url HTTP endpoint, which accepts unsanitized POST data and can run arbitrary OS commands...

By BleepingComputer
Mozilla Announces Switch to Disable All Firefox AI Features
News•Feb 2, 2026

Mozilla Announces Switch to Disable All Firefox AI Features

Mozilla announced that Firefox 148, releasing on February 24, will include a global “Block AI enhancements” toggle, letting users disable all generative AI features or manage them individually. The AI controls panel covers five specific tools—browser translations, PDF alt‑text generation, AI‑enhanced tab...

By BleepingComputer
Microsoft: January Update Shutdown Bug Affects More Windows PCs
News•Feb 2, 2026

Microsoft: January Update Shutdown Bug Affects More Windows PCs

Microsoft confirmed that a shutdown bug introduced by the January 15 cumulative update affects Windows 11 23H2 devices with System Guard Secure Launch and extends to Windows 10 22H2, Enterprise LTSC 2021 and 2019 when Virtual Secure Mode (VSM) is enabled. Emergency...

By BleepingComputer
CTM360 Report Warns of Global Surge in Fake High-Yield Investment Scams
News•Feb 2, 2026

CTM360 Report Warns of Global Surge in Fake High-Yield Investment Scams

CTM360’s new report reveals a sharp global rise in fraudulent high‑yield investment programs, or HYIPs, promising unrealistic returns such as 40 % in 72 hours. Over 4,200 scam sites were cataloged in the past year, with December 2025 alone seeing 485 incidents—about 15...

By BleepingComputer
Panera Bread Breach Impacts 5.1 Million Accounts, Not 14 Million Customers
News•Feb 2, 2026

Panera Bread Breach Impacts 5.1 Million Accounts, Not 14 Million Customers

A recent data breach at Panera Bread compromised roughly 5.1 million unique user accounts, far fewer than the 14 million records initially reported. The breach was carried out by the ShinyHunters extortion gang, which accessed Panera's systems through a Microsoft Entra single...

By BleepingComputer
Microsoft Fixes Bug Causing Password Sign-In Option to Disappear
News•Feb 2, 2026

Microsoft Fixes Bug Causing Password Sign-In Option to Disappear

Microsoft has resolved a lock‑screen bug that hid the password sign‑in icon after Windows 11 updates released since August 2025. The issue primarily affected users with multiple authentication methods and was linked to the KB5064081 preview update and subsequent 24H2/25H2 builds. Microsoft...

By BleepingComputer
NationStates Confirms Data Breach, Shuts Down Game Site
News•Feb 2, 2026

NationStates Confirms Data Breach, Shuts Down Game Site

NationStates, a browser‑based government simulation game, confirmed a data breach after a player exploited a critical Remote Code Execution flaw in its new Dispatch Search feature. The attacker accessed production servers, copying email addresses, MD5‑hashed passwords, IP logs, and possibly...

By BleepingComputer
Researcher Reveals Evidence of Private Instagram Profiles Leaking Photos
News•Jan 31, 2026

Researcher Reveals Evidence of Private Instagram Profiles Leaking Photos

Security researcher Jatin Banga uncovered that Instagram’s private‑profile pages sometimes embed direct CDN links to private photos in the HTML response, exposing them to unauthenticated visitors. His testing showed about 28% of the private accounts he examined leaked such links....

By BleepingComputer
Microsoft to Disable NTLM by Default in Future Windows Releases
News•Jan 30, 2026

Microsoft to Disable NTLM by Default in Future Windows Releases

Microsoft announced that NTLM authentication will be disabled by default in future Windows Server and client releases. The change follows a three‑phase transition—auditing tools in Windows 11 24H2 and Server 2025, introduction of IAKerb and a Local KDC in late 2026, and final...

By BleepingComputer
Operation Switch Off Dismantles Major Pirate TV Streaming Services
News•Jan 30, 2026

Operation Switch Off Dismantles Major Pirate TV Streaming Services

Operation Switch Off, a joint effort by Europol, Eurojust and Interpol led by Italy’s Catania prosecutor and State Police, seized three industrial‑scale illegal IPTV services—IPTVItalia, migliorIPTV and DarkTV—across 14 countries. The crackdown dismantled servers in Romania and Africa, identified 31...

By BleepingComputer
Microsoft Fixes Outlook Bug Blocking Access to Encrypted Emails
News•Jan 30, 2026

Microsoft Fixes Outlook Bug Blocking Access to Encrypted Emails

Microsoft has resolved a bug in classic Outlook that blocked users from opening emails encrypted with the “Encrypt Only” permission after a December 2025 update. The defect replaced the encrypted payload with a message_v2.rpmsg attachment, making the content unreadable in...

By BleepingComputer
Hugging Face Abused to Spread Thousands of Android Malware Variants
News•Jan 29, 2026

Hugging Face Abused to Spread Thousands of Android Malware Variants

Researchers at Bitdefender uncovered a new Android malware campaign that exploits the Hugging Face platform as a distribution hub for thousands of polymorphic APK variants. The dropper app, TrustBastion, masquerades as a security tool, redirects victims to a Hugging Face...

By BleepingComputer
Ivanti Warns of Two EPMM Flaws Exploited in Zero-Day Attacks
News•Jan 29, 2026

Ivanti Warns of Two EPMM Flaws Exploited in Zero-Day Attacks

Ivanti disclosed two critical code‑injection flaws (CVE‑2026‑1281 and CVE‑2026‑1340) in its Endpoint Manager Mobile (EPMM) platform, each scoring 9.8 on the CVSS scale and already leveraged in limited zero‑day attacks. The company issued immediate RPM‑based mitigations that require no downtime,...

By BleepingComputer
Marquis Blames Ransomware Breach on SonicWall Cloud Backup Hack
News•Jan 29, 2026

Marquis Blames Ransomware Breach on SonicWall Cloud Backup Hack

Marquis Software Solutions, a Texas‑based provider to over 700 banks and credit unions, attributes its August 2025 ransomware incident to a breach of SonicWall’s MySonicWall cloud backup service. The attackers allegedly used firewall configuration files stolen from SonicWall to bypass Marquis’s...

By BleepingComputer
Aisuru Botnet Sets New Record with 31.4 Tbps DDoS Attack
News•Jan 29, 2026

Aisuru Botnet Sets New Record with 31.4 Tbps DDoS Attack

The Aisuru/Kimwolf botnet launched a hyper‑volumetric DDoS assault that peaked at 31.4 Tbps and 200 million requests per second, eclipsing its own 29.7 Tbps record. Cloudflare detected and automatically mitigated the attack on December 19, 2024, without triggering internal alerts. The campaign primarily hit...

By BleepingComputer
France Fines Unemployment Agency €5 Million over Data Breach
News•Jan 29, 2026

France Fines Unemployment Agency €5 Million over Data Breach

France's data protection authority (CNIL) has imposed a €5 million fine on the national employment agency, France Travail, for a massive data breach. The breach, discovered in early 2024, exposed personal details of up to 43 million job seekers, including names, birth...

By BleepingComputer
SolarWinds Warns of Critical Web Help Desk RCE, Auth Bypass Flaws
News•Jan 28, 2026

SolarWinds Warns of Critical Web Help Desk RCE, Auth Bypass Flaws

SolarWinds issued emergency patches for its Web Help Desk platform, fixing four critical vulnerabilities—two authentication bypass flaws (CVE‑2025‑40552, CVE‑2025‑40554), two remote code execution bugs (CVE‑2025‑40553, CVE‑2025‑40551), and a hard‑coded credentials issue (CVE‑2025‑40537). The flaws can be exploited remotely without authentication,...

By BleepingComputer
Hackers Hijack Exposed LLM Endpoints in Bizarre Bazaar Operation
News•Jan 28, 2026

Hackers Hijack Exposed LLM Endpoints in Bizarre Bazaar Operation

Researchers at Pillar Security uncovered a large‑scale cyber‑crime operation dubbed “Bizarre Bazaar” that hijacks exposed LLM endpoints. Over 40 days they logged 35,000 attack sessions, showing attackers exploit misconfigured AI APIs to mine cryptocurrency, resell access, exfiltrate data, and pivot...

By BleepingComputer
Slovakian Man Pleads Guilty to Operating Darknet Marketplace
News•Jan 28, 2026

Slovakian Man Pleads Guilty to Operating Darknet Marketplace

A Slovakian national, Alan Bill, pleaded guilty to operating the Kingdom Market darknet platform, which sold drugs, forged IDs, stolen data and cyber‑crime tools from March 2021 to December 2023. The marketplace listed about 42,000 illicit items and processed payments in privacy‑focused cryptocurrencies....

By BleepingComputer
Chinese Mustang Panda Hackers Deploy Infostealers via CoolClient Backdoor
News•Jan 27, 2026

Chinese Mustang Panda Hackers Deploy Infostealers via CoolClient Backdoor

Chinese espionage group Mustang Panda has upgraded its CoolClient backdoor with new infostealer capabilities, including browser credential theft, clipboard monitoring, and active window tracking. The variant has been observed targeting government entities in Myanmar, Mongolia, Malaysia, Russia and Pakistan, delivered via...

By BleepingComputer
WinRAR Path Traversal Flaw Still Exploited by Numerous Hackers
News•Jan 27, 2026

WinRAR Path Traversal Flaw Still Exploited by Numerous Hackers

Multiple threat actors, including state‑sponsored groups and cybercriminals, are exploiting the high‑severity WinRAR path‑traversal vulnerability CVE‑2025‑8088. The flaw uses Alternate Data Streams to write malicious LNK, HTA, BAT or script files to arbitrary locations such as the Windows Startup folder,...

By BleepingComputer
Critical Sandbox Escape Flaw Found in Popular Vm2 NodeJS Library
News•Jan 27, 2026

Critical Sandbox Escape Flaw Found in Popular Vm2 NodeJS Library

A critical‑severity vulnerability (CVE‑2026‑22709) has been discovered in the popular vm2 Node.js sandbox library, allowing attackers to bypass Promise sanitization and escape the sandbox. The flaw enables arbitrary code execution on the host system and affects versions prior to 3.10.3,...

By BleepingComputer
From Cipher to Fear: The Psychology Behind Modern Ransomware Extortion
News•Jan 27, 2026

From Cipher to Fear: The Psychology Behind Modern Ransomware Extortion

Modern ransomware has moved beyond file encryption to a pressure‑centric extortion model that weaponizes stolen data, regulatory threats, and reputation damage. 2025 saw ransomware groups fragment into affiliate networks, making attribution harder while scaling double‑extortion campaigns. Research shows SMBs in...

By BleepingComputer
6 Okta Security Settings You Might Have Overlooked
News•Jan 26, 2026

6 Okta Security Settings You Might Have Overlooked

Okta is the backbone of many SaaS‑first enterprises, making its security settings critical. The article outlines six often‑overlooked configurations—password policies, phishing‑resistant MFA, ThreatInsight, admin session ASN binding, session lifetimes, and behavior rules—that strengthen identity protection. It also highlights how continuous...

By BleepingComputer
Hackers Can Bypass Npm’s Shai-Hulud Defenses via Git Dependencies
News•Jan 26, 2026

Hackers Can Bypass Npm’s Shai-Hulud Defenses via Git Dependencies

The recent discovery by Koi Security reveals that NPM’s handling of Git‑based dependencies can circumvent the post‑Shai‑Hulud “PackageGate” defenses, allowing malicious code execution even with the `--ignore‑scripts` flag. The bypass exploits a crafted `.npmrc` file that overrides the Git binary...

By BleepingComputer
Microsoft Investigates Windows 11 Boot Failures After January Updates
News•Jan 25, 2026

Microsoft Investigates Windows 11 Boot Failures After January Updates

Microsoft is investigating Windows 11 boot failures marked by the UNMOUNTABLE_BOOT_VOLUME stop code after the January 2026 Patch Tuesday cumulative update (KB5074109). The problem impacts Windows 11 version 25H2 and all editions of version 24H2 on physical devices, displaying a black crash screen and requiring...

By BleepingComputer
Microsoft Releases Emergency OOB Update to Fix Outlook Freezes
News•Jan 25, 2026

Microsoft Releases Emergency OOB Update to Fix Outlook Freezes

Microsoft issued emergency out‑of‑band (OOB) updates on Saturday to address a critical Outlook freeze affecting PST files stored in cloud services such as OneDrive and Dropbox. The problem, introduced by the January 2026 Patch Tuesday roll‑out, caused Outlook to become...

By BleepingComputer
Konni Hackers Target Blockchain Engineers with AI-Built Malware
News•Jan 24, 2026

Konni Hackers Target Blockchain Engineers with AI-Built Malware

North Korean hacker group Konni, linked to APT37, is deploying AI‑generated PowerShell malware to infiltrate blockchain developers. The campaign uses Discord‑hosted links that deliver a ZIP file containing a PDF lure and a malicious LNK shortcut. The shortcut triggers a...

By BleepingComputer
What an AI-Written Honeypot Taught Us About Trusting Machines
News•Jan 23, 2026

What an AI-Written Honeypot Taught Us About Trusting Machines

Intruder used an AI model to draft a honeypot prototype, but the generated code mistakenly trusted client‑supplied IP headers, allowing attackers to inject payloads via spoofed headers. The flaw went unnoticed by static analysis tools like Semgrep and Gosec, highlighting...

By BleepingComputer
Okta SSO Accounts Targeted in Vishing-Based Data Theft Attacks
News•Jan 22, 2026

Okta SSO Accounts Targeted in Vishing-Based Data Theft Attacks

Okta has identified a new wave of vishing‑based phishing kits sold as a service, allowing attackers to conduct live, voice‑driven credential theft. The kits let threat actors spoof corporate numbers, manipulate phishing pages in real time, and capture both passwords...

By BleepingComputer
Microsoft Teams to Add Brand Impersonation Warnings to Calls
News•Jan 22, 2026

Microsoft Teams to Add Brand Impersonation Warnings to Calls

Microsoft Teams will introduce a "Brand Impersonation Protection" feature that flags first‑time external VoIP callers attempting to pose as trusted organizations. The protection rolls out to the targeted release ring in mid‑February and is enabled by default, displaying high‑risk warnings...

By BleepingComputer
INC Ransomware Opsec Fail Allowed Data Recovery for 12 US Orgs
News•Jan 22, 2026

INC Ransomware Opsec Fail Allowed Data Recovery for 12 US Orgs

Researchers from Cyber Centaurs uncovered an operational security slip in the INC ransomware campaign that exposed the gang's backup infrastructure. By tracing Restic backup tool artifacts and hard‑coded credentials, they located encrypted exfiltrated data belonging to twelve unrelated U.S. organizations across...

By BleepingComputer
Why Active Directory Password Resets Are Surging in Hybrid Work
News•Jan 22, 2026

Why Active Directory Password Resets Are Surging in Hybrid Work

Hybrid work has turned routine Active Directory password resets into a major productivity drain, as cached credentials and frequent rotation policies cause more lockouts. Since 2022, over half of U.S. employees operate in hybrid models, leading to an estimated 923...

By BleepingComputer
New Android Malware Uses AI to Click on Hidden Browser Ads
News•Jan 21, 2026

New Android Malware Uses AI to Click on Hidden Browser Ads

A new Android click‑fraud trojan family uses TensorFlow.js to run AI models inside a hidden WebView, visually identifying and tapping ads instead of relying on static JavaScript code. The malware is distributed through Xiaomi’s GetApps store, third‑party mod APK sites,...

By BleepingComputer

Page 3 of 4

← Prev1234Next →