Category: Bleeping Computer

Email
27
Jan
2026

Over 6,000 SmarterMail servers exposed to automated hijacking attacks

Nonprofit security organization Shadowserver has found over 6,000 SmarterMail servers exposed online and likely vulnerable to attacks exploiting a critical…

Share: X : Over 6,000 SmarterMail servers exposed to automated hijacking attacksFacebook : Over 6,000 SmarterMail servers exposed to automated hijacking attacksLinkedin : Over 6,000 SmarterMail servers exposed to automated hijacking attacksReddit : Over 6,000 SmarterMail servers exposed to automated hijacking attacksTelegram : Over 6,000 SmarterMail servers exposed to automated hijacking attacksWhatsApp : Over 6,000 SmarterMail servers exposed to automated hijacking attacksEmail : Over 6,000 SmarterMail servers exposed to automated hijacking attacks
SoundCloud
27
Jan
2026

SoundCloud data breach impacts 29.8 million accounts

Hackers have stolen the personal and contact information belonging to over 29.8 million SoundCloud user accounts after breaching the audio…

Share: X : SoundCloud data breach impacts 29.8 million accountsFacebook : SoundCloud data breach impacts 29.8 million accountsLinkedin : SoundCloud data breach impacts 29.8 million accountsReddit : SoundCloud data breach impacts 29.8 million accountsTelegram : SoundCloud data breach impacts 29.8 million accountsWhatsApp : SoundCloud data breach impacts 29.8 million accountsEmail : SoundCloud data breach impacts 29.8 million accounts
New malware service guarantees phishing extensions on Chrome web store
27
Jan
2026

New malware service guarantees phishing extensions on Chrome web store

A new malware-as-a-service (MaaS) called ‘Stanley’ promises malicious Chrome extensions that can clear Google’s review process and publish them to the…

Share: X : New malware service guarantees phishing extensions on Chrome web storeFacebook : New malware service guarantees phishing extensions on Chrome web storeLinkedin : New malware service guarantees phishing extensions on Chrome web storeReddit : New malware service guarantees phishing extensions on Chrome web storeTelegram : New malware service guarantees phishing extensions on Chrome web storeWhatsApp : New malware service guarantees phishing extensions on Chrome web storeEmail : New malware service guarantees phishing extensions on Chrome web store
StealC hackers hacked as researchers hijack malware control panels
27
Jan
2026

New ClickFix attacks abuse Windows App-V scripts to push malware

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V) script to ultimately…

Share: X : New ClickFix attacks abuse Windows App-V scripts to push malwareFacebook : New ClickFix attacks abuse Windows App-V scripts to push malwareLinkedin : New ClickFix attacks abuse Windows App-V scripts to push malwareReddit : New ClickFix attacks abuse Windows App-V scripts to push malwareTelegram : New ClickFix attacks abuse Windows App-V scripts to push malwareWhatsApp : New ClickFix attacks abuse Windows App-V scripts to push malwareEmail : New ClickFix attacks abuse Windows App-V scripts to push malware
Microsoft Office
26
Jan
2026

Microsoft patches actively exploited Office zero-day vulnerability

Microsoft has released emergency out-of-band security updates to patch a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The security…

Share: X : Microsoft patches actively exploited Office zero-day vulnerabilityFacebook : Microsoft patches actively exploited Office zero-day vulnerabilityLinkedin : Microsoft patches actively exploited Office zero-day vulnerabilityReddit : Microsoft patches actively exploited Office zero-day vulnerabilityTelegram : Microsoft patches actively exploited Office zero-day vulnerabilityWhatsApp : Microsoft patches actively exploited Office zero-day vulnerabilityEmail : Microsoft patches actively exploited Office zero-day vulnerability
Cloudflare
26
Jan
2026

Cloudflare misconfiguration behind recent BGP route leak

Cloudflare has shared more details about a recent 25-minute Border Gateway Protocol (BGP) route leak affecting IPv6 traffic, which caused measurable congestion,…

Share: X : Cloudflare misconfiguration behind recent BGP route leakFacebook : Cloudflare misconfiguration behind recent BGP route leakLinkedin : Cloudflare misconfiguration behind recent BGP route leakReddit : Cloudflare misconfiguration behind recent BGP route leakTelegram : Cloudflare misconfiguration behind recent BGP route leakWhatsApp : Cloudflare misconfiguration behind recent BGP route leakEmail : Cloudflare misconfiguration behind recent BGP route leak
European Union flag
26
Jan
2026

EU launches investigation into X over Grok-generated sexual images

The European Commission announced today that it has launched formal proceedings under the Digital Services Act to investigate whether X…

Share: X : EU launches investigation into X over Grok-generated sexual imagesFacebook : EU launches investigation into X over Grok-generated sexual imagesLinkedin : EU launches investigation into X over Grok-generated sexual imagesReddit : EU launches investigation into X over Grok-generated sexual imagesTelegram : EU launches investigation into X over Grok-generated sexual imagesWhatsApp : EU launches investigation into X over Grok-generated sexual imagesEmail : EU launches investigation into X over Grok-generated sexual images
Telnet
26
Jan
2026

Nearly 800,000 Telnet servers exposed to remote attacks

Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass…

Share: X : Nearly 800,000 Telnet servers exposed to remote attacksFacebook : Nearly 800,000 Telnet servers exposed to remote attacksLinkedin : Nearly 800,000 Telnet servers exposed to remote attacksReddit : Nearly 800,000 Telnet servers exposed to remote attacksTelegram : Nearly 800,000 Telnet servers exposed to remote attacksWhatsApp : Nearly 800,000 Telnet servers exposed to remote attacksEmail : Nearly 800,000 Telnet servers exposed to remote attacks
6 Okta security settings you might have overlooked
26
Jan
2026

6 Okta security settings you might have overlooked

In today’s SaaS-first organizations, identity providers like Okta hold the digital keys to the kingdom. As organizations continue to consolidate…

Share: X : 6 Okta security settings you might have overlookedFacebook : 6 Okta security settings you might have overlookedLinkedin : 6 Okta security settings you might have overlookedReddit : 6 Okta security settings you might have overlookedTelegram : 6 Okta security settings you might have overlookedWhatsApp : 6 Okta security settings you might have overlookedEmail : 6 Okta security settings you might have overlooked
Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets
26
Jan
2026

Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

The defense mechanisms that NPM introduced after the ‘Shai-Hulud’ supply-chain attacks have weaknesses that allow threat actors to bypass them via…

Share: X : Hackers can bypass npm’s Shai-Hulud defenses via Git dependenciesFacebook : Hackers can bypass npm’s Shai-Hulud defenses via Git dependenciesLinkedin : Hackers can bypass npm’s Shai-Hulud defenses via Git dependenciesReddit : Hackers can bypass npm’s Shai-Hulud defenses via Git dependenciesTelegram : Hackers can bypass npm’s Shai-Hulud defenses via Git dependenciesWhatsApp : Hackers can bypass npm’s Shai-Hulud defenses via Git dependenciesEmail : Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies
VMware
26
Jan
2026

CISA says critical VMware RCE flaw now actively exploited

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a critical VMware vCenter Server vulnerability as actively exploited and…

Share: X : CISA says critical VMware RCE flaw now actively exploitedFacebook : CISA says critical VMware RCE flaw now actively exploitedLinkedin : CISA says critical VMware RCE flaw now actively exploitedReddit : CISA says critical VMware RCE flaw now actively exploitedTelegram : CISA says critical VMware RCE flaw now actively exploitedWhatsApp : CISA says critical VMware RCE flaw now actively exploitedEmail : CISA says critical VMware RCE flaw now actively exploited
ChatGPT
26
Jan
2026

ChatGPT Temporary chat feature is getting a much-needed upgrade

OpenAI is testing a big upgrade for ChatGPT’s temporary chat feature. The update will allow you to retain personalization in temporary…

Share: X : ChatGPT Temporary chat feature is getting a much-needed upgradeFacebook : ChatGPT Temporary chat feature is getting a much-needed upgradeLinkedin : ChatGPT Temporary chat feature is getting a much-needed upgradeReddit : ChatGPT Temporary chat feature is getting a much-needed upgradeTelegram : ChatGPT Temporary chat feature is getting a much-needed upgradeWhatsApp : ChatGPT Temporary chat feature is getting a much-needed upgradeEmail : ChatGPT Temporary chat feature is getting a much-needed upgrade