CISA has added the bug to its KEV list, and Microsoft has observed limited exploitation, mainly associated with PoC testing.
The post Exploitation of ‘Copy Fail’ Linux Vulnerability Begins appeared first on SecurityWeek.
Microsoft confirms April Windows updates cause backup failures
Microsoft has confirmed that the April 2026 security updates are causing failures in third-party backup applications using the psmounterex.sys driver. […]
OpenAI Rolls Out Advanced Security for ChatGPT Accounts
Advanced Account Security provides stronger login methods, more secure account recovery, shorter sessions, and training exclusion.
The post OpenAI Rolls Out Advanced Security for ChatGPT Accounts appeared first on SecurityWeek.
Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed service providers (MSPs) and hosting providers in the Philippines, Laos, Canada, South Africa, and the U.S., by exploiting the recently disclosed vulnerability in cPanel.
The activity, detected by Ctrl-Alt-Intel on May 2, 2026, involves the
The activity, detected by Ctrl-Alt-Intel on May 2, 2026, involves the
Over 40,000 Servers Compromised in Ongoing cPanel Exploitation
The attacks likely target CVE-2026-41940, a recently patched zero-day leading to administrative access.
The post Over 40,000 Servers Compromised in Ongoing cPanel Exploitation appeared first on SecurityWeek.
Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats
Hackers disrupted services and stole names, email addresses, student ID numbers, and user messages.
The post Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats appeared first on SecurityWeek.
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M
A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 suspects and shut down nine scam centers used for cryptocurrency investment fraud schemes targeting Americans, resulting in millions of dollars in losses.
The crackdown was led by the Dubai Police, under the United Arab Emirates (UAE) Ministry of Interior, in partnership with the U.S. Federal
The crackdown was led by the Dubai Police, under the United Arab Emirates (UAE) Ministry of Interior, in partnership with the U.S. Federal
Instructure confirms data breach, ShinyHunters claims attack
Educational tech giant Instructure has confirmed that data was stolen in a cyberattack, with the ShinyHunters extortion gang claiming responsibility. […]
Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha
Microsoft Defender is detecting legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, resulting in widespread false-positive alerts, and in some cases, removing certificates from Windows. […]
US Military Reaches Deals With 7 Tech Companies to Use Their AI on Classified Systems
Google, Microsoft, Amazon Web Services, Nvidia, OpenAI, Reflection and SpaceX will provide resources to help augment warfighter decision-making in complex operational environments,” the Defense Department said.
The post US Military Reaches Deals With 7 Tech Companies to Use Their AI on Classified Systems appeared first on SecurityWeek.