Critical cPanel and WHM bug exploited as a zero-day, PoC now available

Published on April 30, 2026

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. [...]

Continue reading on website
Other news

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

April 30, 2026
IntroA sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by impersonating administrative utilities they rely on for daily operations. By integrating Search Engine Order (SEO)

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

April 30, 2026
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts."The intrusion chain begins with execution of a batch script ('install_obf.bat') that disables Windows security controls, dynamically extracts an