Skip to main content

Security News

Filter by:

Microsoft quietly extends free Windows 10 ESU support to October 2027

Microsoft has quietly extended its free Windows 10 Extended Security Updates (ESU) program for consumers by an additional year, allowing enrolled devices to continue receiving security updates until October 12, 2027. [...]
Bleepingcomputer 26 Jun 2026 930 Views

New macOS malware embeds fake errors to confuse AI analysis tools

A newly discovered macOS malware dubbed "Gaslight" is designed to confuse AI-assisted malware analysis tools by hiding prompt injection strings and fake debugging data within the executable. [...]
Bleepingcomputer 26 Jun 2026 904 Views

Order-tracking app Shop abused to push callback phishing attacks

Threat actors are increasingly abusing Shop, the order-tracking app from Shopify, by adding fake purchase receipts in users' order histories to trick them into providing sensitive data or installing remote access software. [...]
Bleepingcomputer 26 Jun 2026 838 Views

Windows Secure Boot Certificate Expired — Billions of PCs Affected Including Linux Distros

The clock has run out. As of June 24, 2026, the first of Microsoft’s original Secure Boot certificates, the Microsoft Corporation KEK CA 2011, has officially expired, with the Microsoft UEFI CA 2011 following on June 27, 2026. A...
Cyber Security News 26 Jun 2026 1084 Views

Malicious Edge extension abuses Native Messaging as bridge to malware

A malicious Microsoft Edge extension dubbed 'Edgecution' has been used in a ransomware attack to escape the browser sandbox and deploy a Python-based backdoor...
Bleepingcomputer 25 Jun 2026 1026 Views

Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access

New details have been revealed on how hackers exploited a Cisco Catalyst SD-WAN vulnerability tracked as CVE-2026-20245 in zero-day attacks to create rogue root accounts on targeted devices...
Bleepingcomputer 25 Jun 2026 1054 Views

Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks

A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks. [...]
Bleepingcomputer 24 Jun 2026 1258 Views

AryStinger botnet infected thousands of D-Link routers worldwide

A previously undocumented malware botnet named AryStinger has compromised more than 4,000 outdated routers to turn them into proxies for malicious traffic. [...]
Bleepingcomputer 21 Jun 2026 1572 Views

GentleKiller Ransomware Abuses Vulnerable Drivers to Disable 400+ EDR Security Processes

A highly sophisticated EDR-killing framework, dubbed GentleKiller, was used by the Gentlemen ransomware-as-a-service (RaaS) gang to systematically disable endpoint security tools before deploying its ransomware payload. The findings by ESET, published on June 17, 2026...
Cyber Security News 21 Jun 2026 1796 Views

New Prinz Eugen ransomware prioritizes recent files for encryption

A new ransomware operation named 'Prinz Eugen' prioritizes recently modified files for encryption and leaves no ransom note on the system. [...]
Bleepingcomputer 20 Jun 2026 1581 Views