April 2026

cPanel zero-day exploited for months before patch release (CVE-2026-41940)

cPanel zero-day exploited for months before patch release (CVE-2026-41940) 2026-04-30 at 16:45 By Zeljka Zorz A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, a popular web-based control panel for managing web hosting accounts, is being exploited by attackers in the wild. What’s more, attackers didn’t have to wait for watchTowr security researchers to release technical […]

cPanel zero-day exploited for months before patch release (CVE-2026-41940) Read More »

Microsoft boss tells investors the company is working to ‘win back fans’

Microsoft boss tells investors the company is working to ‘win back fans’ 2026-04-30 at 16:17 By Richard Speed But why did those fans go away in the first place, Satya? Microsoft boss Satya Nadella told investors during an earnings call last night that the company needs to “win back” its fans.… This article is an

Microsoft boss tells investors the company is working to ‘win back fans’ Read More »

Cisco releases open-source toolkit for verifying AI model lineage

Cisco releases open-source toolkit for verifying AI model lineage 2026-04-30 at 16:02 By Mirko Zorz Enterprises pulling models from Hugging Face and other open repositories rarely keep records of how those models are altered after download, leaving organizations with little ability to confirm what they are running in production. The State of AI Security 2026

Cisco releases open-source toolkit for verifying AI model lineage Read More »

Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks

Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks 2026-04-30 at 16:02 By Eduard Kovacs An attacker could have planted a malicious configuration to execute commands outside the sandbox. The post Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks Read More »

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials 2026-04-30 at 16:02 By Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts. “The intrusion chain begins with execution of

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials Read More »

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades 2026-04-30 at 16:02 By Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by impersonating administrative utilities they rely on for daily operations.

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades Read More »

Fewer users, fatter wallets is why Anthropic tops OpenAI in LLM revenue stakes

Fewer users, fatter wallets is why Anthropic tops OpenAI in LLM revenue stakes 2026-04-30 at 15:32 By Carly Page AI boom splits between companies hoarding eyeballs and those actually charging for them Anthropic is pulling in more LLM revenue than OpenAI, despite having a fraction of the users.… This article is an excerpt from The

Fewer users, fatter wallets is why Anthropic tops OpenAI in LLM revenue stakes Read More »

Met Police face criticism for using AI to spy on their own officers

Met Police face criticism for using AI to spy on their own officers 2026-04-30 at 15:31 By Sinisa Markovic London police officers have been warned by the Metropolitan Police Federation to watch their backs after the force deployed controversial AI software to investigate misconduct. The staff association, representing more than 30,000 officers in London, reported

Met Police face criticism for using AI to spy on their own officers Read More »

Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)

Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431) 2026-04-30 at 15:31 By Zeljka Zorz Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel. The flaw, nicknamed “Copy Fail”, has affected virtually every major Linux distribution shipped since 2017, and a working proof-of-concept (PoC) exploit

Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431) Read More »

Researchers develop tool to expose GPS signal spoofing in transit networks

Researchers develop tool to expose GPS signal spoofing in transit networks 2026-04-30 at 15:31 By Anamarija Pogorelec The Oak Ridge National Laboratory (ORNL) has developed a portable detector that identifies GPS spoofing in real time, including during motion, to help protect transportation systems. Spoofing involves transmitting counterfeit signals that imitate authentic GPS transmissions and produce

Researchers develop tool to expose GPS signal spoofing in transit networks Read More »

Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs

Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs 2026-04-30 at 15:31 By Anamarija Pogorelec Proxmox Backup Server 4.2 is a maintenance and feature update built on Debian 13.4 “Trixie” that adds S3-compatible object storage as a supported backend and introduces parallel processing for sync jobs. The server ships the new

Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs Read More »

Hackers arrested for stealing and reselling 600,000 Roblox accounts

Hackers arrested for stealing and reselling 600,000 Roblox accounts 2026-04-30 at 15:31 By Sinisa Markovic Ukrainian police detained three suspects accused of hacking into Roblox accounts and reselling the data on Russian websites, with payments made in cryptocurrency. Police raid (Source: The Prosecutor General’s Office of Ukraine) “Prosecutors of the Lviv region, together with the

Hackers arrested for stealing and reselling 600,000 Roblox accounts Read More »

EnOcean SmartServer Flaws Expose Buildings to Remote Hacking

EnOcean SmartServer Flaws Expose Buildings to Remote Hacking 2026-04-30 at 15:31 By Eduard Kovacs Claroty researchers discovered two vulnerabilities that can be exploited for security bypass and remote code execution. The post EnOcean SmartServer Flaws Expose Buildings to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

EnOcean SmartServer Flaws Expose Buildings to Remote Hacking Read More »

Nearly half of UK businesses pwned last year as phishing keeps doing the job like it’s 2005

Nearly half of UK businesses pwned last year as phishing keeps doing the job like it’s 2005 2026-04-30 at 14:51 By Carly Page Turns out the real problem is not AI but staff still clicking on dodgy emails from ‘IT support’ Nearly half of UK businesses are still getting breached, and in many cases, the

Nearly half of UK businesses pwned last year as phishing keeps doing the job like it’s 2005 Read More »

What type of ‘C2 on a sleep cycle’ do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia

What type of ‘C2 on a sleep cycle’ do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia 2026-04-30 at 14:51 By Jessica Lyons Just in time for the Trump-Xi summit Exclusive  A novel China-linked threat group infiltrated more than a dozen critical networks in Poland, Asian countries, and possibly

What type of ‘C2 on a sleep cycle’ do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia Read More »

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months 2026-04-30 at 14:51 By Ionut Arghire The authentication bypass flaw allows attackers to gain administrative access to vulnerable servers. The post Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months Read More »

Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day

Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day 2026-04-30 at 13:57 By Connor Jones Emergency patches out now for those managing the millions of domains assumed to be affected Emergency patches are available for a critical vulnerability in cPanel and WHM that allows attackers to bypass authentication and gain

Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day Read More »

‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover

‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover 2026-04-30 at 13:56 By Ionut Arghire Affecting the kernel’s authencesn cryptographic template, the vulnerability was introduced in 2017 and impacts all distributions. The post ‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover Read More »

Met Police’s Palantir deployment has its own officers watching their backs

Met Police’s Palantir deployment has its own officers watching their backs 2026-04-30 at 13:04 By SA Mathieson Federation warns members to ditch work devices off duty as force uses AI to probe 600+ cops London cops are being told by their staff association to be “extremely cautious” about carrying work devices off duty, after the

Met Police’s Palantir deployment has its own officers watching their backs Read More »

Scroll to Top