Security news.
Critical vulnerabilities in widely-used enterprise software are under active exploitation, with over 40,000 cPanel servers already compromised. Meanwhile, supply chain attacks continue through backdoored packages and source code breaches, while a major Linux kernel flaw has been added to CISA's KEV list as exploitation
Over 40,000 Servers Compromised in Ongoing cPanel Exploitation
Attackers are actively exploiting CVE-2026-41940, a recently patched zero-day in cPanel that grants administrative access, targeting government, military, and MSP networks across multiple regions.
CISA Warns "Copy Fail" Linux Vulnerability Now Exploited in the Wild
CISA added CVE-2026-31431 to its KEV catalog after threat actors began exploiting this local privilege escalation flaw to gain root access on Linux systems.
Backdoored PyTorch Lightning Package Delivers Credential Stealer
A malicious version published on PyPI steals credentials from browsers, environment files, and cloud services, highlighting ongoing supply chain risks in Python ecosystems.
Trellix Discloses Data Breach After Source Code Repository Hack
The cybersecurity firm confirmed attackers gained unauthorized access to a portion of its source code repository, though no impact on source code release or distribution has been found.
Phishing Campaign VENOMOUS#HELPER Hits 80+ Organizations Using RMM Tools
An active campaign since April 2025 leverages legitimate SimpleHelp and ScreenConnect RMM software to establish persistent remote access, primarily targeting U.S. organizations.
Progress Patches Critical MOVEit Automation Authentication Bypass
Progress released updates addressing a critical flaw in MOVEit Automation that could allow attackers to bypass authentication in the enterprise file transfer solution.
DigiCert Revokes Certificates After Support Portal Hack
Attackers delivered malware via a customer chat channel, compromised an analyst's system, and accessed the internal support portal, forcing certificate revocations.
Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats
ShinyHunters claimed responsibility for the breach that exposed names, email addresses, student IDs, and user messages from the educational technology platform.