← Latest brief

Security news.

·Afternoon Brief

Today's security landscape is heavily influenced by AI, with new phishing services leveraging AI assistants and warnings about AI accelerating cybercrime. Critical vulnerabilities are being actively exploited in cPanel & WHM, and supply chain attacks continue to target popular development packages like PyTorch Lightning and SAP npm packages.

BLEEPINGZERO-DAY
Apr 30READ

Critical cPanel & WHM Bug Exploited as Zero-Day

A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, WHM, and WP Squared is being actively exploited in the wild, allowing attackers to gain administrative access.

BLEEPINGVULN
Apr 30READ

New Linux 'Copy Fail' Flaw Grants Root Access

An exploit has been published for a local privilege escalation vulnerability, "Copy Fail," impacting Linux kernels since 2017, allowing unprivileged local attackers to gain root permissions.

THNSUPPLY CHAIN
Apr 30READ

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks

Threat actors compromised the popular Python package Lightning (versions 2.6.2 and 2.6.3) and Intercom-client to push malicious versions designed for credential theft.

SECURITYWEEKSUPPLY CHAIN
Apr 30READ

SAP NPM Packages Targeted in Supply Chain Attack

Multiple official SAP npm packages were compromised in the "Mini Shai-Hulud" supply chain attack, aiming to steal credentials and authentication tokens from developers' systems.

SECURITYWEEKEXPLOIT
Apr 30READ

AI Fuels ‘Industrial’ Cybercrime, Time-to-Exploit Shrinks to Hours

AI is accelerating cybercrime, leading to industrialized attacks with greater scale and speed, with the time-to-exploit vulnerabilities shrinking significantly.

BLEEPINGPHISHING
Apr 30READ

New Bluekit Phishing Service Includes AI Assistant, 40 Templates

A new phishing kit named Bluekit offers over 40 templates targeting popular services and incorporates basic AI features to generate campaign drafts.

SECURITYWEEKPATCH
Apr 30READ

SonicWall Urges Immediate Patching of Firewall Vulnerabilities

SonicWall has released advisories urging immediate patching for firewall vulnerabilities that could allow attackers to bypass security controls, access restricted services, and crash devices.

BLEEPING
Apr 30READ

April Windows 11 Update Causes Backup Software Failures

The April 2026 KB5083769 security update for Windows 11 24H2 and 25H2 is causing failures in third-party backup applications from multiple vendors.

Generated twice daily from public security RSS feeds. Informational only.