Security news.
Today's cybersecurity landscape is marked by active exploitation of critical vulnerabilities, including a cPanel flaw and a new Linux privilege escalation bug. A significant development is the reported use of AI by hackers to develop a zero-day exploit, highlighting evolving threat capabilities. Supply chain attacks al
cPanel CVE-2026-41940 Actively Exploited
A critical cPanel and WebHost Manager (WHM) flaw (CVE-2026-41940) is under active exploitation by "Mr_Rot13" to deploy a "Filemanager" backdoor, allowing authentication bypass and elevated control.
Hackers Use AI for First Known Zero-Day 2FA Bypass
Google has identified a zero-day exploit, likely developed with AI, used by cybercrime actors to bypass 2FA for mass exploitation, marking a significant advancement in malicious AI use.
'Dirty Frag' Linux Exploit Poised for Enterprise Impact
A new privilege escalation vulnerability in the Linux kernel, dubbed "Dirty Frag" (CVE-2026-43284, CVE-2026-43500), similar to Dirty Pipe, may already be under limited exploitation.
Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack
A modified, malicious version of the Checkmarx Jenkins AST plugin was published to the Jenkins Marketplace; users are advised to ensure they are on version 2.0.13-829.vc72453fa_1c16 or older.
Instructure Confirms Canvas Flaw Used to Deface Portals
Education technology provider Instructure confirmed a vulnerability allowed hackers to modify Canvas login portals and display an extortion message, impacting thousands of schools.
Fake OpenAI Privacy Filter Repo on Hugging Face Delivers Infostealer
A malicious Hugging Face repository impersonating OpenAI's "Privacy Filter" reached the trending list, distributing a Rust-based information stealer to Windows users.
Skoda Data Breach Impacts Online Shop Customers
A vulnerability in Skoda's online shop portal allowed hackers to access customer names, addresses, email addresses, and phone numbers.
SailPoint Discloses GitHub Repository Hack
SailPoint reported a GitHub repository compromise on April 20, confirming that customer data in production and staging environments were not affected.