cPanel CVE-2026-41940 Was Actively Exploited for 30 Days Before Patch
CVE-2026-41940 is a CVSS 9.8 CRLF injection in cPanel and WHM confirmed exploited in the wild for 30+ days before the April 28
News
News
12 Allied Agencies Warn: China-Nexus Actors Are Building Covert Botnets from Your Routers and Cameras
CISA AA26-113A: Volt Typhoon, Salt Typhoon, and Flax Typhoon are weaponizing compromised SOHO routers, IoT devices, and firewalls into relay botnets for espionage
News
Ukrainian Police Arrest Three for Hijacking 610,000 Roblox Accounts via Cookie Theft
Ukrainian cyber police arrested three hackers who stole 610,000 Roblox accounts using cookie-harvesting malware, selling them on Russian platforms for $225,000.
News
Sandhills Medical Ransomware Breach Exposes 169,017 Patients’ PHI
Inc Ransom hit Sandhills Medical Foundation in May 2025. The healthcare FQHC took nearly a year to notify 169,017 affected patients — a
News
WordPress Quick Page/Post Redirect Plugin Hid Backdoor for Five Years, Affecting 70,000+ Sites
A dormant backdoor in the WordPress Quick Page/Post Redirect plugin silently ran SEO spam ops and enabled arbitrary code execution on 70,000+ sites
News
Checkmarx Confirms LAPSUS$ Supply Chain Attack: GitHub Data Stolen and Leaked
LAPSUS$ published malicious code to Checkmarx's GitHub environment on March 23, exfiltrated data March 30, then leaked it. Teams using Checkmarx must audit
News
Google Patches CVSS 10 Gemini CLI RCE Flaw Threatening CI/CD Pipelines
Google patches CVSS 10 RCE in Gemini CLI (GHSA-wpqr-6v78-jr5g) affecting @google/gemini-cli npm package and GitHub Actions CI/CD workflows.
Blog
VECT 2.0 Ransomware Wiper Analysis: Why Files Over 128 KB Are Permanently Unrecoverable
VECT 2.0 ransomware destroys files over 128 KB due to a broken ChaCha20 nonce loop — technical breakdown and IR guidance for incident
News
CVE-2026-32202: APT28 Exploits Zero-Click Windows Shell Flaw to Steal NTLM Credentials
APT28 actively exploits CVE-2026-32202, a zero-click Windows Shell spoofing flaw that coerces NTLM authentication via malicious LNK files. Patch now.
Vulnerability Analysis
Cybersecurity News
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Win...