Category: Bleeping Computer

Windows
13
Feb
2026

New Windows LNK spoofing issues aren’t vulnerabilities

Today, at Wild West Hackin’ Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LK shortcut files that allow…

Share: X : New Windows LNK spoofing issues aren’t vulnerabilitiesFacebook : New Windows LNK spoofing issues aren’t vulnerabilitiesLinkedin : New Windows LNK spoofing issues aren’t vulnerabilitiesReddit : New Windows LNK spoofing issues aren’t vulnerabilitiesTelegram : New Windows LNK spoofing issues aren’t vulnerabilitiesWhatsApp : New Windows LNK spoofing issues aren’t vulnerabilitiesEmail : New Windows LNK spoofing issues aren’t vulnerabilities
Romania
12
Feb
2026

Romania’s oil pipeline operator Conpet confirms data stolen in attack

Romania’s national oil pipeline operator, Conpet S.A., confirmed that the Qilin ransomware gang stole company data in an attack last…

Share: X : Romania’s oil pipeline operator Conpet confirms data stolen in attackFacebook : Romania’s oil pipeline operator Conpet confirms data stolen in attackLinkedin : Romania’s oil pipeline operator Conpet confirms data stolen in attackReddit : Romania’s oil pipeline operator Conpet confirms data stolen in attackTelegram : Romania’s oil pipeline operator Conpet confirms data stolen in attackWhatsApp : Romania’s oil pipeline operator Conpet confirms data stolen in attackEmail : Romania’s oil pipeline operator Conpet confirms data stolen in attack
Odido
12
Feb
2026

Odido data breach exposes personal info of 6.2 million customers

Dutch telecommunications provider Odido is warning that it suffered a cyberattack that reportedly exposed the personal data of 6.2 million…

Share: X : Odido data breach exposes personal info of 6.2 million customersFacebook : Odido data breach exposes personal info of 6.2 million customersLinkedin : Odido data breach exposes personal info of 6.2 million customersReddit : Odido data breach exposes personal info of 6.2 million customersTelegram : Odido data breach exposes personal info of 6.2 million customersWhatsApp : Odido data breach exposes personal info of 6.2 million customersEmail : Odido data breach exposes personal info of 6.2 million customers
WordPress plugin with 900k installs vulnerable to critical RCE flaw
12
Feb
2026

WordPress plugin with 900k installs vulnerable to critical RCE flaw

A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited…

Share: X : WordPress plugin with 900k installs vulnerable to critical RCE flawFacebook : WordPress plugin with 900k installs vulnerable to critical RCE flawLinkedin : WordPress plugin with 900k installs vulnerable to critical RCE flawReddit : WordPress plugin with 900k installs vulnerable to critical RCE flawTelegram : WordPress plugin with 900k installs vulnerable to critical RCE flawWhatsApp : WordPress plugin with 900k installs vulnerable to critical RCE flawEmail : WordPress plugin with 900k installs vulnerable to critical RCE flaw
Flare Infostealer header
12
Feb
2026

AMOS infostealer targets macOS through a popular AI app

Infostealers like Atomic MacOS Stealer (AMOS) represent far more than a standalone malware. They are foundational components of a mature cybercrime…

Share: X : AMOS infostealer targets macOS through a popular AI appFacebook : AMOS infostealer targets macOS through a popular AI appLinkedin : AMOS infostealer targets macOS through a popular AI appReddit : AMOS infostealer targets macOS through a popular AI appTelegram : AMOS infostealer targets macOS through a popular AI appWhatsApp : AMOS infostealer targets macOS through a popular AI appEmail : AMOS infostealer targets macOS through a popular AI app
Google Chrome adds new security layer for Gemini AI agentic browsing
12
Feb
2026

Fake AI Chrome extensions with 300K users steal credentials, emails

A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI…

Share: X : Fake AI Chrome extensions with 300K users steal credentials, emailsFacebook : Fake AI Chrome extensions with 300K users steal credentials, emailsLinkedin : Fake AI Chrome extensions with 300K users steal credentials, emailsReddit : Fake AI Chrome extensions with 300K users steal credentials, emailsTelegram : Fake AI Chrome extensions with 300K users steal credentials, emailsWhatsApp : Fake AI Chrome extensions with 300K users steal credentials, emailsEmail : Fake AI Chrome extensions with 300K users steal credentials, emails
Google says hackers are abusing Gemini AI for all attacks stages
12
Feb
2026

Google says hackers are abusing Gemini AI for all attacks stages

State-backed hackers are using Google’s Gemini AI model to support all stages of an attack, from reconnaissance to post-compromise actions. Bad actors…

Share: X : Google says hackers are abusing Gemini AI for all attacks stagesFacebook : Google says hackers are abusing Gemini AI for all attacks stagesLinkedin : Google says hackers are abusing Gemini AI for all attacks stagesReddit : Google says hackers are abusing Gemini AI for all attacks stagesTelegram : Google says hackers are abusing Gemini AI for all attacks stagesWhatsApp : Google says hackers are abusing Gemini AI for all attacks stagesEmail : Google says hackers are abusing Gemini AI for all attacks stages
Apple
12
Feb
2026

Apple fixes zero-day flaw used in ‘extremely sophisticated’ attacks

Apple has released security updates to fix a zero-day vulnerability that was exploited in an “extremely sophisticated attack” targeting specific…

Share: X : Apple fixes zero-day flaw used in ‘extremely sophisticated’ attacksFacebook : Apple fixes zero-day flaw used in ‘extremely sophisticated’ attacksLinkedin : Apple fixes zero-day flaw used in ‘extremely sophisticated’ attacksReddit : Apple fixes zero-day flaw used in ‘extremely sophisticated’ attacksTelegram : Apple fixes zero-day flaw used in ‘extremely sophisticated’ attacksWhatsApp : Apple fixes zero-day flaw used in ‘extremely sophisticated’ attacksEmail : Apple fixes zero-day flaw used in ‘extremely sophisticated’ attacks
Windows 11 Notepad
12
Feb
2026

Windows 11 Notepad flaw let files execute silently via Markdown links

Microsoft has fixed a “remote code execution” vulnerability in Windows 11 Notepad that allowed attackers to execute local or remote…

Share: X : Windows 11 Notepad flaw let files execute silently via Markdown linksFacebook : Windows 11 Notepad flaw let files execute silently via Markdown linksLinkedin : Windows 11 Notepad flaw let files execute silently via Markdown linksReddit : Windows 11 Notepad flaw let files execute silently via Markdown linksTelegram : Windows 11 Notepad flaw let files execute silently via Markdown linksWhatsApp : Windows 11 Notepad flaw let files execute silently via Markdown linksEmail : Windows 11 Notepad flaw let files execute silently via Markdown links
Outlook
12
Feb
2026

Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accounts

The AgreeTo add-in for Outlook has been hijacked and turned into a phishing kit that stole more than 4,000 Microsoft…

Share: X : Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accountsFacebook : Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accountsLinkedin : Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accountsReddit : Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accountsTelegram : Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accountsWhatsApp : Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accountsEmail : Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accounts
Hacker monitoring employees
11
Feb
2026

Crazy ransomware gang abuses employee monitoring tool in attacks

A member of the Crazy ransomware gang is abusing legitimate employee monitoring software and the SimpleHelp remote support tool to…

Share: X : Crazy ransomware gang abuses employee monitoring tool in attacksFacebook : Crazy ransomware gang abuses employee monitoring tool in attacksLinkedin : Crazy ransomware gang abuses employee monitoring tool in attacksReddit : Crazy ransomware gang abuses employee monitoring tool in attacksTelegram : Crazy ransomware gang abuses employee monitoring tool in attacksWhatsApp : Crazy ransomware gang abuses employee monitoring tool in attacksEmail : Crazy ransomware gang abuses employee monitoring tool in attacks
Police arrest seller of JokerOTP MFA passcode capturing tool
11
Feb
2026

Police arrest seller of JokerOTP MFA passcode capturing tool

The Netherlands Police have arrested a a 21-year-old man from Dordrecht, suspected of selling access to the JokerOTP phishing automation tool that…

Share: X : Police arrest seller of JokerOTP MFA passcode capturing toolFacebook : Police arrest seller of JokerOTP MFA passcode capturing toolLinkedin : Police arrest seller of JokerOTP MFA passcode capturing toolReddit : Police arrest seller of JokerOTP MFA passcode capturing toolTelegram : Police arrest seller of JokerOTP MFA passcode capturing toolWhatsApp : Police arrest seller of JokerOTP MFA passcode capturing toolEmail : Police arrest seller of JokerOTP MFA passcode capturing tool