Security news.
Today's security landscape is dominated by critical infrastructure threats and mass exploitation campaigns. Over 40,000 servers have been compromised via a cPanel zero-day, while DigiCert's certificate infrastructure was breached through a support portal hack. Additionally, actively exploited Linux vulnerabilities and
Over 40,000 Servers Compromised in Ongoing cPanel Exploitation
CVE-2026-41940, a recently patched zero-day in cPanel, is being mass-exploited to breach websites and deploy "Sorry" ransomware, with attackers targeting government and MSP networks across multiple continents.
DigiCert Revokes Certificates After Support Portal Hack
Attackers delivered malware via a customer chat channel, compromised an analyst's system, and gained access to DigiCert's internal support portal, forcing certificate revocations.
CISA Warns "Copy Fail" Linux Vulnerability Now Actively Exploited
The "Copy Fail" Linux privilege escalation flaw is being exploited in the wild to gain root access, with CISA adding it to its Known Exploited Vulnerabilities catalog one day after proof-of-concept disclosure.
Progress Warns of Critical MOVEit Automation Authentication Bypass
Progress Software has issued an urgent patch for a critical authentication bypass vulnerability in MOVEit Automation, its enterprise-grade managed file transfer application.
Edtech Firm Instructure Discloses Data Breach
Instructure confirmed a breach in which attackers stole names, email addresses, student ID numbers, and user messages after disrupting services.
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing
The China-based cybercrime group Silver Fox is targeting organizations in Russia and India with a new malware called ABCDoor, using phishing emails impersonating India's Income Tax Department.
Microsoft April Updates Cause Third-Party Backup Failures
Microsoft has confirmed that April 2026 security updates are causing failures in third-party backup applications using the psmounterex.sys driver.
Critical cPanel Vulnerability Weaponized Against Government and MSP Networks
Unknown threat actors are exploiting CVE-2026-41940 to target government and military entities in Southeast Asia, along with MSPs and hosting providers across multiple countries.