LiteSpeed cPanel Plugin CVE-2026-48172 Exploited for Root Scripts
LiteSpeed says CVE-2026-48172 is being actively exploited in its user-end cPanel plugin.…
NGINX CVE-2026-42945 Exposes Rewrite Rules to Crash and RCE Risk
CVE-2026-42945 affects NGINX rewrite rules that combine unnamed PCRE captures with question-mark…
Fragnesia CVE-2026-46300 Gives Linux Attackers Root Access
Fragnesia is a separate Linux kernel flaw in the Dirty Frag class.…
Exim CVE-2026-45185 Dead.Letter Can Lead to Mail Server RCE
Exim 4.99.3 fixes CVE-2026-45185 Dead.Letter, a GnuTLS/BDAT use-after-free that can expose internet-facing…
cPanel CVE-2026-41940 Exploited to Drop Filemanager Backdoor
Attackers are exploiting cPanel & WHM CVE-2026-41940 to deploy a Filemanager backdoor,…
Dirty Frag Linux Kernel Bugs Can Turn Local Access Into Root
Dirty Frag chains Linux kernel bugs into local root escalation. The practical…
PamDOORa Linux PAM Backdoor Turns SSH Login Into a Trap
PamDOORa is a Linux PAM-based backdoor marketed for persistent OpenSSH access and…
Is JDownloader Safe?
JDownloader says attackers changed several official website download links on May 6-7,…
cPanel WHM Patches File Read and Code Injection Bugs
cPanel patched three WHM and WP Squared vulnerabilities affecting server control paths,…
QLNX RAT Targets Linux Developer and Cloud Credentials
Trend Micro reports QLNX, a Linux-focused Quasar RAT variant that combines persistence,…
PyPI ZiChatBot Packages Linked to Suspected OceanLotus Campaign
Kaspersky reports a suspected OceanLotus campaign that used malicious PyPI packages to…
Bootkitty Bootkit Discovered in the Wild, Targeting Linux
Cybersecurity researchers have reported the creation of a first-of-its-kind UEFI bootkit for…