Security News

Filter by:

Gootloader now uses 1,000-part ZIP archives for stealthy delivery

The Gootloader malware, typically used for initial access, is now using a malformed ZIP archive designed to evade detection by concatenating up to 1,000 archives. [...]
Bleepingcomputer 16 Jan 2026 3365 Views

'Most Severe AI Vulnerability to Date' Hits ServiceNow

ServiceNow tacked agentic AI onto a largely unguarded legacy chatbot, exposing customers' data and connected systems.
Dark Reading 14 Jan 2026 17581 Views

Instagram denies breach amid claims of 17 million account data leak

Instagram says it fixed a bug that allowed threat actors to mass-request password reset emails, amid claims that data from more than 17 million Instagram accounts was scraped and leaked online. [...]
Bleepingcomputer 12 Jan 2026 3471 Views

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that allows an attacker to steal sensitive data from the local filesystem by including it in generated files. [...]
Bleepingcomputer 8 Jan 2026 3632 Views

New D-Link flaw in legacy DSL routers actively exploited in attacks

Threat actors are exploiting a recently discovered command injection vulnerability that affects multiple D-Link DSL gateway routers that went out of support years ago...
Bleepingcomputer 7 Jan 2026 3590 Views

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing data to servers under the attackers' control...
The Hacker News 7 Jan 2026 3483 Views

ClickFix attack uses fake Windows BSOD screens to push malware

A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of Death (BSOD) screens to trick users into manually compiling and executing malware on their systems. [...]
Bleepingcomputer 6 Jan 2026 3482 Views

WhatsApp Vulnerabilities Leaks User’s Metadata Including Device’s Operating System

WhatsApp’s multi-device encryption protocol has long leaked metadata, allowing attackers to fingerprint users’ device operating systems, aiding targeted malware delivery. Recent research highlights partial fixes by Meta, but transparency issues persist. Meta’s WhatsApp, with over 3 billion...
Cyber Security News 6 Jan 2026 9258 Views

The biggest cybersecurity and cyberattack stories of 2025

2025 was a big year for cybersecurity, with cyberattacks, data breaches, threat groups reaching new notoriety levels, and, of course, zero-day flaws exploited in breaches. Some stories, though, were more impactful or popular with our readers than others. ...
Bleepingcomputer 2 Jan 2026 3069 Views

New ErrTraffic service enables ClickFix attacks via fake browser glitches

A new cybercrime tool called ErrTraffic allows threat actors to automate ClickFix attacks by generating 'fake glitches' on compromised websites to lure users into downloading payloads or following malicious instructions [...]
Bleepingcomputer 31 Dec 2025 2794 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY