Search This Blog

Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Showing posts with label Vulnerabilities and Exploits. Show all posts

Researchers Warn of Unpatched Argo CD Flaw That Enables Cluster Takeover

 


Organizations using Argo CD to automate application deployments on Kubernetes are being urged to review their network configurations after security researchers disclosed an unpatched vulnerability that could allow attackers to execute arbitrary code on the platform's repo-server component and ultimately seize control of an entire Kubernetes cluster.

The vulnerability was identified by French cybersecurity firm Synacktiv, which says the issue affects the repo-server, a core Argo CD service responsible for retrieving application source code from Git repositories and converting it into Kubernetes manifests before workloads are deployed. Because the repo-server sits at the center of the GitOps deployment process, compromising it gives an attacker an opportunity to interfere with how applications are delivered throughout the cluster.

According to the researchers, exploitation does not require authentication. An attacker only needs network access to the repo-server's internal gRPC service, which accepts requests from other Argo CD components but does not verify the identity of the caller. Once that communication channel becomes reachable, a specially crafted request can be used to trigger remote code execution on the vulnerable service.

Synacktiv reported the vulnerability to the Argo CD maintainers in January 2025 through a responsible disclosure process. However, roughly eighteen months later, the issue remains unresolved, with no official security patch or CVE identifier assigned. The researchers chose to disclose their findings publicly to give administrators time to strengthen their deployments while awaiting a permanent fix.

At the center of the attack is Argo CD's repo-server, which continuously retrieves application definitions stored in Git repositories and prepares them for deployment by generating Kubernetes manifests. These manifests describe the desired state of applications, including containers, services, networking, storage, and other deployment configurations that Kubernetes uses to build and manage workloads. Since every deployment passes through this component, gaining control of the repo-server can provide attackers with extensive influence over the software being deployed inside a cluster.

The vulnerability stems from an unauthenticated internal gRPC interface exposed by the repo-server. gRPC is a high-performance communication framework commonly used for communication between services inside distributed applications. In Argo CD's design, the interface is intended for trusted internal communication. However, Synacktiv found that the service performs no authentication checks, allowing any system capable of reaching the port to submit requests that the repo-server will process.

The researchers demonstrated the attack against Argo CD version 2.13.3. They noted that no patched release currently exists and did not publish a complete list of affected versions, leaving administrators without a definitive inventory of vulnerable deployments.

To achieve code execution, the attack abuses Kustomize, a Kubernetes configuration management tool that Argo CD relies on to generate deployment manifests. Kustomize can also invoke Helm, another widely used package manager for Kubernetes, through the "--helm-command" option that specifies which executable should be launched.

Instead of directing Kustomize to the legitimate Helm binary, Synacktiv discovered that an attacker can send a malicious GenerateManifest request instructing it to execute a script stored inside an attacker-controlled Git repository. When Kustomize begins processing the deployment, it unknowingly launches the attacker's script in place of Helm, providing arbitrary code execution within the repo-server environment.

Although the vulnerable interface is intended to remain internal, the researchers warn that internal services should not automatically be considered secure. Kubernetes clusters frequently host dozens or even hundreds of interconnected workloads, and a compromise affecting a single pod can become the starting point for lateral movement if internal communication is not properly restricted.

Argo CD includes Kubernetes NetworkPolicy resources designed to limit access to sensitive services such as the repo-server and Redis. However, Synacktiv found that these protections are disabled by default when Argo CD is deployed using its Helm chart because the "networkPolicy.create" option is set to "false". As a result, installations that rely on the default configuration may unintentionally leave the repo-server reachable from other workloads running inside the cluster.

In such environments, compromising a single pod may be enough for an attacker to contact the repo-server and exploit the vulnerability.

The researchers also demonstrated that remote code execution represents only the beginning of the attack chain. After obtaining execution on the repo-server, they extracted the Redis password stored in an environment variable, authenticated to Argo CD's Redis instance, and modified cached deployment information. When Argo CD later performed its routine synchronization with the Git repository, the poisoned cache caused the platform to deploy an attacker-controlled workload instead of the intended application.

According to Synacktiv, this technique effectively revives a previously addressed weakness tracked as CVE-2024-31989. That earlier vulnerability, discovered by Cycode, exposed Argo CD deployments where Redis lacked password protection, allowing any pod inside the cluster to manipulate deployment cache data. Although Argo CD later introduced Redis password protection to address that issue, the cache contents themselves remain unsigned. By stealing the Redis credentials through the newly disclosed repo-server vulnerability, attackers can once again tamper with deployment data and recreate a similar compromise path.

With no software update currently available, researchers recommend treating network segmentation as the primary line of defense. Administrators should enable Kubernetes NetworkPolicy rules to ensure that only legitimate Argo CD components can communicate with the repo-server and Redis services. Organizations deploying Argo CD through Helm should verify that these policies have been explicitly enabled rather than relying on the chart's default configuration.

Administrators can inspect active network policies by running:

"kubectl get networkpolicy -A"

A properly secured deployment should display dedicated network policies protecting each Argo CD component, including both the repo-server and Redis. Missing policies may indicate that sensitive internal services remain accessible to other workloads inside the cluster.

To help organizations evaluate their exposure, Synacktiv developed a proof-of-concept tool named argo-cdown, capable of automating the complete attack chain. The researchers have postponed its public release to provide defenders with additional time to secure vulnerable environments. The tool is expected to be published on GitHub later, allowing administrators to validate the effectiveness of their own security controls.

The newly disclosed vulnerability is the latest in a series of security issues affecting Argo CD's privileged position within Kubernetes environments. In September 2025, the project patched CVE-2025-55190 after researchers found that an API token with only basic read permissions could retrieve Git repository credentials associated with a project. Several months later, in May 2026, another flaw tracked as CVE-2026-42880 enabled read-only users to access plaintext Kubernetes secrets.

Taken together, these incidents point to a recurring challenge rather than isolated implementation flaws. Argo CD occupies one of the most privileged positions within Kubernetes deployments, maintaining access to source repositories, deployment pipelines, cluster resources, and sensitive credentials. As a result, weaknesses affecting its internal services can quickly become pathways to broader infrastructure compromise.

Until an official patch becomes available, organizations should assume that internal cluster traffic cannot always be trusted. Restricting communication between workloads, enabling Kubernetes NetworkPolicy protections, and limiting access to critical Argo CD services remain the most effective measures for reducing exposure to this newly disclosed attack technique.

Remote Exploits Target Controller Flaws in Highway Signs and Digital Billboards


 

With the increasing integration of digital display infrastructure within transportation networks and public information systems, vulnerabilities within controllers that operate these assets present an increasing threat to cybersecurity. 

A number of Daktronics display controllers have been reported to contain critical and high-severity vulnerabilities that could allow unauthorized remote access to the content appearing on the highway message boards, roadside signs, and digital billboards. 

According to an independent cybersecurity researcher who identified the security flaws and subsequently published an advisory, widespread deployment of controller models for the management of large-scale LED display systems within highways, airports, sports stadiums, and urban advertising networks are affected by the flaws. 

A variety of vulnerabilities within operating display technologies are identified in this study, which illustrate how they can affect more than just the security of the system, resulting in tangible risk to public communications, infrastructure integrity, and reliability of information delivered via connected electronic signage. 

According to the latest advisory issued by CISA under ICSA-26-176-04, the Daktronics VFC-DMP-5000, DMP-5000, and DMP-8000 display controllers are affected. A total of nine vulnerabilities have been disclosed which expose weaknesses across directory access, file management, and administrative authentication. One of the vulnerabilities, CVE-2026-28701, allows both authenticated and unauthenticated remote users to enumerate arbitrary paths on the file system irrespective of their identity. Secondly, CVE-2026-33560 pertains to the DMP-5000 file service, where authenticated users can upload files of any type without being validated, enabling the deployment of unauthorized content. CVE-2026-31928 relates to a default administrative web account that is configured with weak authentication controls and does not require password modification during deployment, which allows attackers to gain full control of the system if left unchanged. 

Security researcher Thomas Jou, an undergraduate at Princeton University, discovered the vulnerabilities after discovering a number of internet-facing controllers with the potential to be remotely targeted. It has been reported that Jou submitted his findings via CISA's VINCE vulnerability reporting platform in early January 2026, which enabled Daktronics to prepare patched firmware by early March, prior to the release of a public advisory.

Despite the availability of updated firmware, the researcher stressed that organizations must ensure affected controllers are not exposed directly to the public internet, as patching alone does not eliminate unnecessary attack surfaces. In addition to the mitigation guidance provided by Daktronics, customers are encouraged to change default administrative credentials. 

In June, a security incident involving a FIFA World Cup API authorization flaw exposed live television broadcasts to an account takeover, following several instances of security incidents involving publicly accessible infrastructure and digital platforms. A cPanel vulnerability affecting over 550,000 servers was exploited last month, as was the compromise of airport public address systems across Canada and the United States last year, during which unauthorized political and anti-Israel messages were broadcast. 

These incidents provide an example of how overlooked vulnerabilities in internet-connected communication and operational systems can rapidly develop into high-impact disruptions with public consequences if not addressed. The underlying controllers of connected display technologies require the same level of security oversight as any other internet-accessible operational system as they become an integral component of public infrastructure. 

The timely management of patches, removal of unnecessary external exposures, and strong authentication practices are all necessary to prevent vulnerabilities from becoming potential avenues for real-world disruption. As operators are reminded by these findings, the resilience of public-facing digital infrastructure depends on both its deployment and its design in equal measure.

CISA Orders Immediate Patch for Actively Exploited Cisco Unified CM SSRF Flaw

 

CISA has moved quickly against a serious Cisco vulnerability because the issue is already being exploited and could expose government and enterprise communications systems to deeper compromise. The flaw, CVE-2026-20230, affects Cisco Unified Communications Manager and Cisco Unified CM Session Management Edition, and it sits in a service many organizations rely on for voice and collaboration traffic. 

At the center of the problem is a server-side request forgery vulnerability tied to how the product handles certain HTTP requests. An attacker does not need valid credentials to trigger the flaw, but exploitation depends on the WebDialer service being enabled, which makes exposed or poorly reviewed deployments especially risky. Cisco said a successful attack could allow the creation of files on the underlying operating system, a step that can later be used to elevate privileges toward root access. 

The urgency increased when CISA added the bug to its Known Exploited Vulnerabilities catalog and set a remediation deadline of Sunday, June 28, under Binding Operational Directive 26-04. That move signals that federal agencies must treat the issue as an immediate operational priority rather than a routine patch cycle item. In practical terms, the deadline compresses response time and pushes administrators to verify exposure, apply fixes, and reduce attack surface without delay. 

Cisco has already issued remediation guidance, and the strongest interim step is to disable the WebDialer service until patched builds are in place. The fixed releases cited in the advisories include Unified CM 14SU6 and the upcoming 15SU5 path, while some deployments may use a temporary COP file as a bridge until the full update is available. Because there is no complete workaround, organizations that cannot patch quickly need to assume the risk remains active.

For organizations, the lesson is that collaboration platforms are now a high-value target for attackers because they often sit deep inside trusted networks and can expose sensitive internal services if compromised. For security teams, this is not just another Cisco alert; it is a reminder to inventory Unified CM systems, check whether WebDialer is enabled, review logs for suspicious requests, and confirm that exposed management interfaces are minimized. Quick action matters here because the combination of public exploit knowledge, active abuse, and privileged access potential makes this flaw especially dangerous.

Ubiquiti UniFi OS Flaw Under Active Exploitation CISA Alerts Users


 

A new focus on network infrastructure devices has been drawn after the U.S. Cybersecurity and Infrastructure Security Agency (CISA) flagged several security vulnerabilities in Ubiquiti's UniFi OS platform. Following evidence of active exploitation, the KEV catalog was updated to include these vulnerabilities. 

Among the identified vulnerabilities are access control bypass, path traversal, and command injection vulnerabilities, which researchers warn can provide attackers with direct access from unauthenticated access to a complete system compromise. With UniFi OS widely deployed across enterprise, government, and service provider environments to manage networking equipment, the vulnerabilities present a significant threat to administrative control planes and sensitive operational information. 

In the latest CISA alert, researchers have demonstrated that Internet-exposed management interfaces present an increased threat, as researchers have demonstrated how these flaws may be chained together to facilitate privileged remote code execution. In response, federal agencies and organizations are urging them to expedite remediation efforts before further exploitation activity occurs. 

Inclusions of the KEVs are based on three distinct vulnerabilities that affect UniFi OS, when combined, significantly increases the attack surface of exposed deployments. In this vulnerability, unauthenticated actors have the capability to alter system settings and administrative configurations without authorization as a result of an access control bypass weakness. 

The CVE-2026-4909 vulnerability exposes a path traversal condition that is capable of exposing underlying operating system files, potentially revealing credentials, configuration data, and other sensitive information that can be used to carry out further intrusions. As a result of an improper input validation attack, CVE-2026-34910 can be exploited to execute arbitrary operating system commands on targeted devices. 

All three vulnerabilities were addressed by Ubiquiti through security updates released in May, noting that exploiting the vulnerabilities does not require prior authorization or elevated privileges, making timely patch deployment critical for organizations using UniFi infrastructure. 

Following the analysis, Bishop Fox security researchers have demonstrated that these vulnerabilities are not isolated risks but can be chained together to permit remote code execution on affected systems using privileged privileges. Using their findings, attackers were able to gain complete control over vulnerable UniFi OS instances by gaining initial unauthorized access, demonstrating how severe this vulnerability is in real-world environments. 

Additionally, the researchers published a detection utility to assist defenders in identifying and remediating vulnerable deployments across enterprise networks on GitHub. In conjunction with the CISA alert, active exploitation concerns have also been raised regarding CVE-2025-67038, a critical root-level command injection vulnerability on Lantronix EDS5000 servers using firmware version 2.1.0.0R3 of Lantronix servers. 

Shell commands are invoked as part of the mechanism used to record failed authentication attempts within the device's HTTP RPC component, where the flaw occurs. During the process of handling user input, improper handling could lead to command injection, making it possible for attackers to execute arbitrary commands with root privileges on the affected system. 

By adding the UniFi OS flaws to CISA's Known Exploited Vulnerabilities catalog, the vulnerabilities fall under the remediation requirements of Binding Operational Directive 22-01. According to this directive, federal civilian agencies are required to remediate actively exploited vulnerabilities within prescribed timelines in order to reduce operational risk. 

A response has been provided by CISA, which has ordered that agencies rectify CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910 by June 26, 2026, while also recommending that organizations in the private sector evaluate their environments against the KEV catalog and prioritize exposed systems that could be exploited in ongoing attacks. However, reports emerging from community forums and Reddit discussions suggest that threat actors may have weaponized the vulnerabilities before they were disclosed, even though Ubiquiti's security advisories did not explicitly refer to active exploitation. 

Researchers believe that rogue accounts were unexpectedly created by administrators using the username “John Sim,” a process researchers believe might have been linked to automated reconnaissance operations targeting unattended UniFi deployments that were accessible via the internet. 

The Bishop Fox team conducted a technical analysis of CVE-2026-34908 and CVE-2026-34909 and determined that they could be used as part of an authentication gateway bypass resulting from inconsistencies in the way NGINX interprets specially crafted requests. Through the submission of requests that appear to target authentication-exempt routes, but which normalize into protected internal endpoints, attackers may be able to access backend services normally required to log in. 

Research indicates that the bypass can be exploited to trigger CVE-2026-34910, a command injection flaw associated with improper validation of package names during update operations. The researchers validated the bypass against UniFi OS 5.0.6 test environments. 

Using shell metacharacters inserted in crafted package parameters and forcing execution through the affected code path, attackers may be able to execute operating system commands without authentication by enforcing shell metacharacters in the package parameters. This issue goes beyond individual devices. 

As outlined by the Centre for Cybersecurity Belgium, UniFi OS platforms provide visibility and control across switches, gateways, wireless networks, and connected assets, acting as central management systems for network infrastructure. By successfully compromising a system, attackers may be able to harvest credentials, manipulate network configurations, intercept traffic, or advance laterally into broader enterprise environments. 

The same urgency has also been applied to CVE-2025-67038, a critical unauthenticated command injection vulnerability affecting Lantronix EDS5000 devices with a CVSS score of 9.8. Unpatched, the flaw, which was disclosed as part of BRIDGE:BREAK research that uncovered 22 vulnerabilities across Lantronix and Silex products, allows remote command execution with root privileges, posing a comparable risk of complete device compromise. 

Among the steps CISA suggests to minimize exposure is following vendor-issued mitigation guidance, implementing an accelerated patch management procedure consistent with BOD 26-04 requirements, and maintaining sufficient logging to support forensic investigations when exploitation is suspected. 

The directive requires agencies operating cloud-hosted UniFi environments to comply with cloud-specific provisions, or to discontinue affected services if remediation cannot be completed within the specified timeframe. CISA's latest action reminds us that once vulnerabilities affecting network management platforms become publicly available, they can rapidly transform from technical flaws into high-impact security incidents. 

A critical safeguard for enterprise networks remains timely patching, exposure assessment, and continuous monitoring as threat actors continue to target infrastructure components. It is imperative for organizations relying on UniFi OS and other internet-facing management systems to take these findings seriously, ensuring that remediation efforts are paced at a rate that keeps pace with the speed at which attackers operationalize newly discovered vulnerabilities.

Gravity SMTP Vulnerability Under Active Exploitation, Over 17 Million Attack Attempts Detected

 


Cybersecurity researchers are warning WordPress administrators about ongoing attacks targeting a recently fixed security flaw in the Gravity SMTP plugin, which is currently installed on nearly 100,000 websites.

The vulnerability, identified as CVE-2026-4020 and assigned a CVSS score of 5.3, is classified as a medium-severity information disclosure issue. The flaw enables unauthenticated attackers to access sensitive information, including configuration settings, API credentials, secrets, and OAuth tokens associated with the plugin’s email service integrations.

"This is due to a REST API endpoint registered at /wp-json/gravitysmtp/v1/tests/mock-data with a permission_callback that unconditionally returns true, allowing any unauthenticated visitor to access it," Wordfence said.

"When the ?page=gravitysmtp-settings query parameter is appended, the plugin's register_connector_data() method populates internal connector data, causing the endpoint to return approximately 365 KB of JSON containing the full System Report."

By exploiting the weakness, attackers can gain access to a broad range of system details, including:

* PHP version
* Loaded extensions
* Web server version
* Document root path
* Database server type and version
* WordPress version
* Active plugins and their versions
* Active theme information
* WordPress configuration settings
* Database table names
* API keys and tokens configured for services such as Amazon SES, Google, Mailjet, Resend, and Zoho

Security experts note that the exposed information can be leveraged to obtain credentials that may allow malicious actors to send emails using the affected website’s connected services. Additionally, the extensive system information could help attackers identify further weaknesses and launch follow-up attacks.

"As with all sensitive information exposure vulnerabilities, the impact depends on what data is exposed," Wordfence added. "In this case, the exposure of live third-party API credentials means an attacker could abuse the site's connected email services, while the detailed system report significantly lowers the effort required to plan further attacks against the site."

The issue has been addressed in Gravity SMTP version 2.1.5. However, threat actors have already begun actively exploiting vulnerable installations by sending unauthenticated HTTP GET requests to the affected REST API endpoint with the "?page=gravitysmtp-settings" parameter. These requests trigger the server to disclose valuable site information without requiring authentication.

According to Wordfence, more than 17 million exploitation attempts targeting CVE-2026-4020 have been blocked so far. Malicious activity was first observed in early May 2026 and surged significantly around June 6, 2026, peaking at more than 4 million requests within a single day.

The primary IP addresses associated with the attack activity include:

* 45.148.10.95
* 193.32.162.60
* 176.65.148.139
* 173.199.90.188
* 45.148.10.120
* 185.8.107.155
* 185.8.106.37
* 185.8.106.92
* 185.8.106.145
* 176.65.148.30

Website owners using affected versions of Gravity SMTP, particularly those with third-party email integrations enabled, are strongly advised to update to the latest version immediately. Security experts also recommend rotating all associated API credentials after updating, as a precautionary measure.

Administrators should further inspect server logs for requests originating from the identified IP addresses and review any suspicious activity involving the vulnerable API endpoint to determine whether their systems may have been targeted.

Underground Forum Tutorial Reveals How Cybercriminal Communities Teach Vulnerability Exploitation and Profit-Making

 

A forum discussion titled “Hacking for Profit. Working method” has provided cybersecurity researchers with a unique look into how underground communities educate aspiring hackers on vulnerability exploitation and monetization. While the original post is neither highly technical nor extensive, its significance lies in presenting a structured, easy-to-follow roadmap that simplifies a complex process.

The post, authored by a threat actor operating under the alias "Hercules," outlines the stages of identifying, assessing, exploiting, and ultimately profiting from vulnerabilities. Researchers from Flare examined both the original content and the subsequent discussions over several months, finding that the thread sparked considerable engagement among forum members.

The discussion attracted numerous responses from users who expressed appreciation for the guidance, sought private communication with "Hercules," and identified themselves as beginners hoping to transition from theoretical cybersecurity knowledge to practical application. According to researchers, the thread appeared to serve as more than just an instructional post, functioning as a source of motivation and mentorship for inexperienced individuals.

The popularity of the tutorial extended beyond its original platform, with the same methodology being reposted and debated across four additional underground forums. Through the post, "Hercules" presents a straightforward framework that helps novice threat actors understand vulnerability exploitation and methods of generating revenue from discovered flaws.

The guide begins by advising readers on how to monitor newly disclosed vulnerabilities, particularly high-impact categories such as remote code execution (RCE), authentication bypass, account takeover, insecure direct object references (IDOR), and data exposure vulnerabilities. It then explains how to locate potentially vulnerable systems, verify exposure, and determine whether findings should be reported, sold, or exploited.

Researchers identified three particularly notable aspects of the tutorial. First, it highlights the use of the Nuclei framework developed by ProjectDiscovery, a widely adopted tool among offensive security professionals. Second, it demonstrates an understanding of the difficulties organizations face when patching newly disclosed vulnerabilities. Third, the tutorial is deliberately separated into “legal” and “illegal” paths, allowing readers to choose at which stage they transition from vulnerability disclosure activities into malicious actions.

One of the tutorial’s most effective features is its approachable tone. Rather than relying on technical jargon, "Hercules" explains concepts in simple language and portrays hacking as a skill that can be learned through practical experience.

He argues that many educational resources focus excessively on subjects such as operating systems, programming languages, scanner configurations, and computer science fundamentals, while many newcomers simply want to "hack," "break in," and "gain access."

The author further suggests that aspiring hackers do not need advanced software development expertise to get started. Publicly available tools, community-created templates, automation, and artificial intelligence are presented as resources that lower the entry barrier, while programming knowledge is described as beneficial but not essential.

This message resonated strongly with forum members. One participant noted that despite completing numerous hacking courses, they struggled to apply their knowledge in real-world scenarios. Another admitted having no programming experience and questioned whether that would prevent them from succeeding.

Many respondents praised the post for its clarity and organization, while others requested direct mentorship or private communication with "Hercules."

A key element of the tutorial is its focus on turning vulnerability discoveries into financial opportunities. According to "Hercules," individuals who uncover vulnerabilities have several options available.

One approach involves contacting the owner of the affected website, server, or hosting provider and offering vulnerability details in exchange for compensation. As the author explains, some organizations are willing to reward responsible disclosure efforts, adding that “…you can take your money home and be proud of yourself”.

The tutorial also discusses selling discovered vulnerabilities through underground marketplaces. In some cases, "Hercules" suggests that actors may simultaneously approach the victim while marketing the same information elsewhere.

Additionally, the guide encourages exploiting vulnerabilities to determine what assets or information reside on compromised systems. Remote code execution vulnerabilities are described as opportunities that can be sold to botnet operators, abused for unauthorized resource usage, or leveraged for data theft. Similarly, account takeover, IDOR, and data leakage vulnerabilities are portrayed as valuable commodities that can be quickly monetized.

"Hercules" characterizes himself as a hacker rather than a fraudster, claiming a preference for rapid sales of access or information rather than engaging in subsequent fraudulent activities.

The forum responses indicate that the thread's influence stemmed from the confidence and practical direction it provided rather than from groundbreaking technical information.

Many users requested additional mentorship, private conversations, and more detailed follow-up material. Others expressed frustration with the limitations of theoretical learning and viewed the tutorial as a useful bridge toward hands-on experience.

Researchers noted that unlike highly technical exploit analyses, which typically appeal to a specialized audience, simple and motivational workflows can attract a much broader group of aspiring participants. Because the methodology is not tied to any specific vulnerability, its relevance can persist for extended periods.

The tutorial promotes a repeatable process: monitor newly disclosed vulnerabilities, identify exposed systems, validate findings, monetize opportunities, and repeat the cycle. This mindset, researchers suggest, provides insight into how inexperienced actors are introduced to cybercrime and encouraged to prioritize certain categories of vulnerabilities.

The post also appears to function as an informal recruitment channel, as "Hercules" repeatedly encourages users to initiate private conversations.

The tutorial highlights several important considerations for organizations responsible for cybersecurity.

First, critical vulnerabilities that are easily reachable remain prime targets for attackers. While automated botnets often begin scanning for exploitable systems shortly after vulnerabilities and proof-of-concept exploits become public, the tutorial demonstrates that even novice threat actors are being encouraged to pursue these opportunities.

Second, older vulnerabilities continue to pose significant risks. Legacy systems running outdated versions of platforms such as Drupal or WordPress may remain attractive targets for less experienced attackers seeking accessible entry points.

Third, researchers emphasize the importance of maintaining effective vulnerability disclosure programs. Financial incentives can encourage security researchers to report vulnerabilities responsibly rather than seeking alternative methods of monetization. Even if information eventually reaches underground markets, early disclosure provides organizations with an opportunity to mitigate risk before widespread exploitation .

Researchers argue that the significance of the thread lies not in the introduction of a new exploitation technique but in its ability to simplify cybercrime into a repeatable business process.

By transforming a technically complex subject into an understandable workflow, "Hercules" makes vulnerability exploitation appear achievable to newcomers. The enthusiastic responses from inexperienced users suggest that this approach is effective.

The findings underscore a broader trend within the cybercrime ecosystem: malicious capabilities do not grow solely through advanced malware development or zero-day discoveries. They also expand through accessible tutorials, mentorship, publicly available tools, and online communities that lower barriers to entry and make illicit activity appear attainable.

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

 

Splunk has issued urgent security updates to address a catastrophic vulnerability in Splunk Enterprise that enables unauthenticated remote code execution (RCE). Tracked as CVE-2026-20253, the flaw carries a maximum CVSS score of 9.8, marking it as one of the most severe security issues seen in enterprise data platforms this year. Attackers can exploit this vulnerability to perform arbitrary file operations and execute malicious code without providing any credentials, potentially leading to complete infrastructure compromise. 

The vulnerability stems from the PostgreSQL Sidecar Service introduced in Splunk version 10, which lacks proper authentication controls at its endpoint. Specifically, the service listens locally on port 5435 and allows any network-reachable user to invoke file operations without credentials. According to Splunk's official alert, "an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint" in versions below 10.2.4 and 10.0.7. This missing authentication layer transforms what appeared to be an arbitrary file-creation issue into a full-blown unauthenticated RCE vulnerability. 

Affected versions include all Splunk Enterprise releases below 10.2.4 and 10.0.7, impacting multiple release branches across the 10.x series. The flaw specifically targets the PostgreSQL Sidecar Service API, which was introduced as part of Splunk version 10's architecture. Cybersecurity experts warn that due to the potential for full infrastructure compromise in both enterprise and cloud environments, immediate patching is absolutely required. Organizations running unpatched Splunk instances face extreme risk since the vulnerability requires no authentication whatsoever. 

Splunk has released security updates that properly address this critical flaw by implementing authentication controls at the PostgreSQL Sidecar Service endpoint. Security administrators should prioritize upgrading to version 10.2.4 or 10.0.7 (or newer) immediately to close this attack vector. The cybersecurity community has noted the ironic danger here: Splunk is supposed to be your security monitoring tool, so if this unpatched vulnerability sits on your network, attackers can bypass your very security infrastructure. No active detections in the wild have been confirmed yet, but the severity makes this a likely target for rapid exploitation. 

This vulnerability represents a critical security gap that demands immediate attention from all Splunk Enterprise users worldwide. With a CVSS score of 9.8, CVE-2026-20253 elevates what was initially reported as an arbitrary file-creation flaw into a dangerous unauthenticated remote code execution threat. Organizations must treat this as a top-priority security incident and apply Splunk's patches without delay to prevent potential data breaches, system compromise, or complete infrastructure takeover by malicious actors.

OpenClaw Security Flaws Expose AI Agents to Hidden Commands and Data Theft Risks

 

Two independent cybersecurity studies published this week have uncovered serious security weaknesses in OpenClaw, a widely used self-hosted AI agent platform. The findings demonstrate how attackers can manipulate AI agents into executing malicious code or leaking sensitive information through seemingly harmless inputs.

Researchers from Imperva and Varonis approached the issue from different angles but reached a similar conclusion: AI agents that trust incoming data and possess broad system access can become powerful attack vectors when exploited.

Hidden Instructions Embedded in Everyday Content

Imperva researchers discovered that OpenClaw could be tricked into processing concealed instructions embedded within shared contacts, vCards, and location pins. These malicious commands were executed by the AI agent without any visible indication to the user.

The issue stemmed from how OpenClaw handled certain message objects before passing them to the large language model (LLM). While content fetched from the web was clearly marked as untrusted, information contained within contacts, vCards, and location labels was inserted directly into prompts without any trust boundary.

According to Imperva researcher Yohann Sillam, this allowed attackers to hide instructions inside fields such as contact names. Since angle brackets are permitted in contact names, the model could not reliably distinguish legitimate information from injected commands.

Only selected fields were transmitted to the model, making them attractive targets. In one example, a shared contact was serialized as <contact: name, number>, allowing attackers to insert malicious instructions within the name field itself. Because messaging apps truncate long contact names, victims often never saw the hidden payload.

The same attack method was also successful through WhatsApp-supported vCards and shared location labels.

During testing against Gemini 3.1 Pro's preview build, hidden instructions successfully convinced the AI agent to download and execute a script hosted on servers controlled by the researchers. Similar attempts using images with embedded instructions failed, likely because AI models have become more resistant to that well-known attack technique.

Imperva warned that OpenClaw's default memory functionality could amplify the threat. A single malicious piece of widely shared content could potentially affect multiple agents if adequate sandboxing protections were absent.

Following responsible disclosure, OpenClaw addressed the issue in version 2026.4.23. The update separates contact names, vCard information, and location labels from the main prompt and places them in an isolated untrusted metadata channel.

Researchers also noted that similar design patterns exist in several other personal AI assistant platforms, suggesting the issue extends beyond OpenClaw alone.

Social Engineering Defeats Technical Safeguards

While Imperva focused on prompt injection, Varonis Threat Labs explored how AI agents respond to social engineering attacks.

Led by researcher Itay Yashar, the Varonis team created an OpenClaw-based agent called Pinchy and connected it to a Gmail inbox filled with realistic business communications and synthetic sensitive information. The researchers then tested the agent using four different phishing scenarios involving Google Gemini 3.1 Pro and OpenAI Codex GPT-5.4.

Varonis distinguishes traditional prompt injection from what it calls "agent phishing." Unlike hidden instructions embedded in content, agent phishing relies on convincing requests delivered through normal communication channels, exploiting the agent's willingness to act before verifying legitimacy.

The tests revealed significant weaknesses.

In one scenario, an email impersonating a team leader named Dan requested urgent staging access during a simulated production emergency. The message originated from an external Gmail account, yet the agent located and forwarded mock AWS IAM access keys, database connection credentials, and SSH details in plain text.

A second phishing attempt used a more routine business request, asking for a weekly customer export supposedly needed for a QBR presentation. The agent responded by sending a synthetic database containing information on 247 enterprise customers, including contact details and contract values.

Notably, these failures occurred despite the agent being configured with instructions to verify sender identities before responding. Researchers observed that urgency successfully bypassed safeguards in one case, while routine business language defeated them in another.

The agent demonstrated stronger performance against technically oriented threats. It interacted with a phishing page designed to steal gift-card credentials but ultimately withheld sensitive information and flagged suspicious behavior. A stricter configuration blocked the page entirely.

Similarly, when presented with a malicious OAuth consent screen disguised as a timesheet application, the agent examined the redirect destination, recognized warning signs, and refused access.

Researchers concluded that AI agents may outperform many users when identifying suspicious URLs and fraudulent login portals. However, they remain vulnerable to social manipulation that exploits helpfulness and trust.

Varonis also observed that OpenAI Codex GPT-5.4 behaved more cautiously than Gemini 3.1 Pro when interacting with external websites or transmitting data. Nevertheless, both models ultimately fell victim to the social-engineering scenarios.

One Core Problem Behind Multiple Attacks

Varonis linked both attack methods to what researcher Simon Willison describes as the "lethal trifecta": an AI system capable of accessing private data, consuming untrusted content, and transmitting information externally.

OpenClaw satisfies all three conditions, making both hidden prompt injections and phishing-based attacks highly effective.

Additional concerns emerged from a separate InfoSec Write-ups analysis. Researchers converted historical OpenClaw security advisories into static-analysis rules and uncovered five additional vulnerabilities affecting integrations with Slack, Discord, Matrix, Zalo, and Microsoft Teams.

Each flaw originated from the same design issue. Channel allowlists were validated using mutable display names rather than permanent identifiers. Attackers could therefore impersonate trusted users simply by changing their display names to match approved accounts.

OpenClaw has since patched these vulnerabilities.

The platform's extensive permissions—including access to files, shell environments, and more than twenty messaging services—have previously prompted warnings regarding prompt injection and data exfiltration risks.

The strongest criticism came from the Dutch data protection authority, the Autoriteit Persoonsgegevens, which advised users and organizations against deploying OpenClaw on systems containing sensitive information due to concerns over data breaches and account compromise.

Recommended Defenses

Organizations using OpenClaw are advised to upgrade immediately to version 2026.4.23 or newer to mitigate the message-object vulnerability identified by Imperva.

However, researchers stress that software updates alone cannot solve the broader trust problem inherent in autonomous AI systems.

Varonis recommends four key safeguards:

  • Treat agent instruction files as strict, version-controlled policies rather than informal guidance.

  • Require approval before agents send messages to unfamiliar recipients, reducing the risk of automated phishing or data leakage.

  • Restrict access to connected systems based on the trustworthiness of the triggering source.

  • Require human review for high-risk actions such as credential sharing, financial transactions, or sensitive data transfers.

Both research teams ultimately advocate the same mindset. Varonis recommends treating AI agents as inexperienced employees with extensive system access but limited judgment, while Imperva describes them as authenticated executors that inherently trust incoming information.

Although vendors continue to introduce patches and protective controls, the fundamental challenge remains unresolved. AI agents derive their usefulness from acting on instructions, processing inputs, and helping users accomplish tasks. Those same characteristics also create opportunities for attackers, and the industry has yet to develop a universal solution.

Hackers Exploit FortiClient EMS Flaw to Deploy EKZ Credential-Stealing Malware

 

Cybersecurity researchers have uncovered active attacks exploiting a critical vulnerability in FortiClient Enterprise Management Server (EMS) to distribute a previously undocumented credential-stealing malware known as EKZ Infostealer.

The attacks leverage CVE-2026-35616, an authentication bypass flaw in FortiClient EMS that enables unauthenticated remote attackers to execute arbitrary commands or code through specially crafted requests. The vulnerability stems from improper access control mechanisms and has been actively exploited in the wild.

Threat actors reportedly disguised the malware as a legitimate Fortinet endpoint update and delivered it through VPN scripting workflows managed by FortiClient. Fortinet acknowledged the exploitation of the flaw in early April and subsequently issued emergency hotfixes for versions 7.4.5 and 7.4.6 of the software.

Following reports of malicious activity, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) instructed federal agencies to secure vulnerable systems within days. Around the same period, The Shadowserver Foundation identified approximately 2,000 internet-exposed EMS instances.

Researchers at Arctic Wolf recently observed threat actors using the vulnerability to deploy the EKZ Infostealer. According to the company, attackers begin by abusing endpoint APIs to carry out administrative actions without requiring authentication.

After gaining access, the attackers alter EMS configurations and VPN policies to enable the execution of malicious scripts. Once an endpoint establishes an IPsec connection with a FortiGate firewall, the legitimate FortiClient process, fortitray.exe, launches malicious batch scripts through Command Prompt.

These scripts then execute a Base64-encoded PowerShell payload that downloads malware disguised as a Fortinet software update. The payload subsequently collects data from the victim's device and sends it to an attacker-controlled virtual private server (VPS) over HTTP.

“Rather than relying on a generic malware lure, the payload was presented as a Fortinet endpoint update and executed through FortiClient-managed VPN scripting workflows,” reads the report from Arctic Wolf.

“On affected endpoints, FortiClient components launched command scripts that invoked PowerShell, downloaded a credential stealer, executed it silently, and exfiltrated harvested browser data before removing local artifacts.”

The malware, tracked as EKZ Infostealer, is designed to harvest sensitive information from both Chromium-based and Firefox browsers. It extracts stored browser data into text files and is capable of bypassing encrypted password protections.

Among the targeted data are login credentials, credit card information, addresses, phone numbers, and browser cookies. By stealing cookies, attackers may gain access to accounts protected by multi-factor authentication without needing the user's credentials.

Arctic Wolf noted that one potential indicator of compromise is the appearance of the log entry “Certificate not found in request header.” During testing, this message was often followed within seconds by another log entry indicating that a certificate associated with "fortinet-ca2" had been successfully updated.

Security teams are advised to monitor for unusual certificate authentication events and unauthorized modifications to Remote Access Profile settings. Additionally, suspicious administrative actions, newly created accounts, logins originating from unfamiliar locations such as Tor networks or VPS-hosted IP addresses, and unexpected configuration changes should be treated as potential warning signs of compromise.

Arctic Wolf has also released detailed detection and mitigation guidance to help organizations identify and defend against these attacks.

AI Era Ignites Bug-Hunting Arms Race as Exploits Accelerate Faster Than Patches

 

The AI era has triggered a new cybersecurity arms race in which attackers and defenders are both using machine learning to find and exploit software vulnerabilities faster than ever. According to security experts, attackers are ramping up AI-powered exploit development, while security teams are deploying AI-driven detection and patching workflows to respond in real time. 

This acceleration is reshaping the economics of software security: the speed of vulnerability discovery no longer matches the slower pace of traditional analysis, triage, and patching, creating a dangerous imbalance between how quickly bugs are found and how quickly they can be fixed. The main issue is the flood of AI-generated bug reports overwhelming existing programs. Curl ended its bug bounty program after being inundated with low-quality submissions generated by AI tools. Linux’s security mailing list has become “almost entirely unmanageable” due to high volumes and duplicate AI bug reports from automated scanners.

Google recently overhauled its Vulnerability Reward Programs for Chrome and Android, lowering payouts for some bug classes while increasing others to focus on the most challenging and impactful vulnerabilities. These changes show that the industry is struggling to sort useful findings from noise while keeping costs sustainable. The same AI tools that help defenders also help attackers, which is the core asymmetry of this arms race. AI systems can now scan entire codebases, detect subtle patterns humans miss, and generate exploit code in days or even hours instead of months. 

Historically, exploiting a vulnerability could take years; now, exploits can emerge within 24 hours after discovery. This compression of the timeline means developers have less time to patch, attackers can automate exploitation, and low-skilled hackers gain advanced capabilities that were once reserved for elite teams. The result is a shrinking window between finding a flaw and it being weaponized. 

Organizations are responding with a mix of economic and structural measures. Some researchers argue that companies cannot simply “patch their way out of this” and must instead build infrastructure that makes many bugs irrelevant in practice. The industry is shifting toward “secure by default” designs, automated scanning in release candidates, and security-first development practices that reduce the number of exploitable weaknesses from the start. Google’s payout adjustments reflect a strategic shift to reward only the most impactful vulnerabilities, while smaller firms may struggle to keep up with rising costs and report volumes. 

The long-term issue is that vulnerability discovery is no longer a human-limited process but a machine-driven one, changing the balance of power in cybersecurity. AI exposes weaknesses faster than communities can respond, and the backlog of bugs now grows faster than it can be resolved. The winners will be those who treat security as continuous defense-in-depth, not as a one-time fix, and who build systems where most bugs are made irrelevant by design rather than by constant patching.

Shadow Brokers Mystery Remains One of Cybersecurity’s Biggest Unsolved Cases

 

dThe world of cybersecurity has witnessed countless data breaches and hacking incidents over the years, many of which remain unresolved despite extensive investigations. While several notorious cybercriminal groups and state-backed hacking operations have eventually been exposed, some of the most significant cyber mysteries continue to puzzle experts.

Among these unsolved cases, few are as intriguing as the story of the Shadow Brokers — a mysterious online group that shocked the cybersecurity community by releasing a cache of advanced hacking tools allegedly linked to the U.S. National Security Agency (NSA) before disappearing without a trace.

The group first emerged in the summer of 2016, a period already marked by heightened attention on cyberattacks connected to the U.S. presidential election. Shadow Brokers appeared on Twitter and directed users to a Pastebin post, tagging several media organizations in the process. However, the unusual method of communication meant many of those outlets likely never noticed the messages.

Those who followed the link encountered a document titled “Equation Group Cyber Weapons Auction — Invitation,” referring to the Equation Group, a sophisticated cyber operation widely believed to be associated with the NSA.

In the announcement, the hackers wrote, “!!! Attention government sponsors of cyber warfare and those who profit from it !!!! How much you pay for enemies’ cyber weapons?” They claimed to have breached the Equation Group and offered access to stolen cyber tools. The post included downloadable samples along with an encrypted archive that could supposedly be unlocked by the highest bidder.

Promoting the contents, the group stated, “Auction files better than Stuxnet,” referencing the malware deployed against Iranian nuclear facilities during a joint U.S.-Israeli cyber operation in 2007. The hackers demanded bids of at least one million Bitcoin.

The leak rapidly drew global attention. As cybersecurity experts examined the released tools, many concluded that the software was exceptionally advanced and likely originated from the NSA. This belief strengthened when researchers noticed similarities between the leaked tools and programs previously revealed through disclosures by former NSA contractor Edward Snowden.

Over time, it became apparent that the auction itself may never have been intended as a genuine sale. Months later, the Shadow Brokers publicly released many of the tools without receiving the requested payment. Their behavior often appeared contradictory. The group’s unusual and frequently broken English raised questions about whether they were deliberately disguising their identity or attempting to mislead investigators.

Despite attracting widespread media coverage, the group remained remarkably elusive. They communicated with journalists only once, granting a brief interview to Joseph Cox, now of 404 Media, during his tenure at VICE Motherboard. A decade later, the true identities behind the Shadow Brokers remain unknown.

At the time, journalists and researchers consulted former NSA personnel, some of whom speculated that a current or former agency insider could have played a role. Yet no individual has ever been formally charged for carrying out one of the most damaging intelligence-related cyber leaks in U.S. history.

One frequently discussed suspect was Harold T. Martin III, an NSA contractor arrested for removing classified materials from the agency. However, investigators faced a significant challenge with that theory: Shadow Brokers continued posting online after Martin had already been taken into custody. As a result, he has never been officially linked to the leaks through criminal charges.

A more widely accepted explanation among analysts suggests that the Shadow Brokers may have been a front created by a Russian intelligence operation designed to influence public perception and advance strategic objectives.

The consequences of the leak were profound. Among the exposed tools was EternalBlue, a collection of Windows zero-day vulnerabilities that enabled attackers to infiltrate systems, move laterally across networks, and spread malware automatically. Because zero-day vulnerabilities are unknown to software developers, they often remain unpatched and highly dangerous until discovered.

The leaked EternalBlue exploit later became the foundation for some of the most destructive cyberattacks ever recorded. North Korean hackers used it in the WannaCry ransomware outbreak, while Russian operators incorporated it into the NotPetya malware campaign. Although initially aimed at targets in Ukraine, NotPetya spread globally and is estimated to have caused around $10 billion in economic losses.

For organizations worldwide, the incident underscored a critical cybersecurity lesson: vulnerabilities stockpiled by intelligence agencies can eventually escape into the public domain, creating enormous risks for businesses and governments alike.

Even years later, researchers continue uncovering new insights from the leaked materials. One tool contained a list of project names, including an entry called Fast16 that carried the unusual note, “NOTHING TO SEE HERE — CARRY ON.”

Last month, cybersecurity researchers announced that they had successfully located and analyzed the project. Their investigation uncovered malware dating back to 2005 that was reportedly designed to manipulate software believed to be used by Iranian nuclear scientists, demonstrating that the Shadow Brokers leak continues to reveal new chapters in cyber espionage history.


Anthropic’s Project Glasswing Detects Over 10,000 Critical Software Vulnerabilities Worldwide

 

iArtificial intelligence company Anthropic has revealed that its cybersecurity initiative, Project Glasswing, has successfully identified more than 10,000 high- and critical-severity vulnerabilities across globally significant software systems since the program was introduced last month.

The initiative was designed as a defensive cybersecurity program aimed at strengthening critical software infrastructure worldwide. Through Project Glasswing, around 50 trusted partners receive early access to Claude Mythos Preview — an advanced AI model capable of autonomously discovering vulnerabilities in widely used software before malicious actors can exploit them.

According to Anthropic, 6,202 of the detected vulnerabilities were categorized as high or critical severity and affected over 1,000 open-source projects. Further review confirmed 1,726 of these findings as legitimate true positives, while 1,094 vulnerabilities were assessed as either high or critical in severity.

Among the major discoveries was a critical security flaw in WolfSSL identified as CVE-2026-5194, carrying a CVSS score of 9.1. The vulnerability could potentially allow attackers to forge certificates and impersonate legitimate services. Anthropic noted that the initiative has already contributed to 97 vulnerabilities being patched upstream along with the release of 88 security advisories.

"The relative ease of finding vulnerabilities compared with the difficulty of fixing them amounts to a major challenge for cybersecurity," Anthropic acknowledged. "Confronting this challenge successfully will make our software far safer than before."

The announcement comes amid a broader rise in AI-assisted vulnerability discovery, with software vendors releasing patches at an unprecedented pace. Microsoft recently indicated that the number of monthly security patches is expected to continue increasing over time.

Cybersecurity firm XBOW described Mythos Preview as "a major advance" that is "substantially better than prior models at finding vulnerability candidates" and "adept at analyzing source code with a security mindset." Researchers have also observed the model’s effectiveness in converting vulnerabilities into complete end-to-end attack chains.

Anthropic highlighted that the capabilities of Mythos Preview extend beyond vulnerability detection. In one reported incident, a banking partner participating in Glasswing used the AI model to identify and block a fraudulent wire transfer worth $1.5 million after a threat actor compromised a customer’s email account and attempted spoofed phone calls.

The company warned that AI models with capabilities similar to Mythos could become widely accessible in the near future, prompting a need for organizations to accelerate their patch management processes. Oracle has already transitioned to a monthly patch cycle to respond more quickly to critical security vulnerabilities.

"Network defenders should shorten their patch testing and deployment timelines," Anthropic said. "These include steps like hardening networks' default configurations, enforcing multi-factor authentication, and keeping comprehensive logs for detection and response."

Anthropic also announced the launch of its Cyber Verification Program, which allows verified security researchers to use its AI models without standard guardrails for legitimate cybersecurity activities such as penetration testing, vulnerability research, and red teaming. The move mirrors OpenAI’s Daybreak initiative, which enables defenders to work with GPT-5.5-Cyber for specialized security workflows.

Despite their advanced capabilities, models such as Mythos Preview and GPT-5.5-Cyber have not yet been publicly released due to concerns surrounding potential misuse and the absence of sufficient safeguards against large-scale abuse.

"Glasswing helps the most systemically important cyber defenders gain an asymmetric advantage," it pointed out. "However, there is an urgent need for as many organizations as possible to shore up their cyber defenses. We hope that our generally available models, and the new tools, resources, and research we're providing to accompany them, will support those organizations to improve their cybersecurity posture."

Hackers Abuse Google Ads and Claude.ai Chats to Spread Mac Malware

 

Cybercriminals are once again abusing trust, and this time they are combining Google Ads with Claude.ai shared chats to push malware onto Mac users. The campaign targets people searching for terms like “Claude mac download,” where sponsored results appear to point to the legitimate claude.ai domain but actually lead to malicious installation instructions. Security researcher Berk Albayrak first identified the scheme, and confirmed that attackers are using the tactic in active campaigns. 

The attack works because it looks believable at first glance. Users click a sponsored search result, land on a public Claude chat, and see what appears to be an official “Claude Code on Mac” guide, sometimes even attributed to Apple Support. That page then tells them to open Terminal and paste a command. Instead of installing useful software, the command quietly downloads and runs malware on the victim’s Mac.

What makes the operation especially dangerous is the way it blends legitimate services with deception. The ad itself can show the real claude.ai domain, which helps the link look safe, while the malicious instructions are hidden inside Claude’s shared chat feature. In some variants, the payload is linked to MacSync-style infostealer behavior, aimed at harvesting browser credentials, cookies, and Keychain data. Researchers also reported that multiple malicious chats were being used, showing that the operators are testing and rotating infrastructure. 

The campaign is a strong reminder that search results and AI platforms are not automatically trustworthy just because they appear familiar. Attackers increasingly rely on “clickfix” tactics, where the victim is convinced to copy and run a command manually, bypassing many traditional download warnings. That user action becomes the infection point, making the social engineering as important as the malware itself.

Mac users should avoid sponsored search results when looking for software downloads and instead go directly to the official site by typing the address themselves. Any chat, guide, or support page that instructs users to paste Terminal commands should be treated with caution, especially if it claims to come from Apple or a well-known AI service. The broader lesson is simple: when an instruction asks you to run code on your own computer, pause and verify before acting.

Linux Copy Fail Vulnerability Puts Major Systems at Risk

 

A critical Linux kernel vulnerability known as Copy Fail is drawing urgent attention because it can let a local, unprivileged attacker gain root access on affected systems. Security researchers say the issue affects many mainstream Linux distributions and can be abused without network access, which makes patching and temporary mitigation especially important for administrators. Security experts note that the easiest fix is to update the kernel to the latest patched version. 

Copy Fail is tracked as CVE-2026-31431 and centers on the Linux kernel’s algif_aead module, part of the AF_ALG cryptographic interface. The flaw stems from an in-place optimization introduced in 2017 that can be combined with splice() to perform a controlled write into the page cache of a readable file. In practice, that means an attacker could target a setuid binary such as /usr/bin/su and use the modified cached copy to obtain elevated privileges. 

The vulnerability is serious because it has been verified on several major Linux environments, including Ubuntu, Amazon Linux, RHEL, and SUSE, with kernels built since 2017. CERT-EU says that at the time of its advisory, no distribution had yet shipped a fixed kernel package, even though the upstream fix had already been committed. That delay means many systems may remain exposed until vendors roll out updates.

For now, the main mitigation is to update to a patched kernel as soon as one becomes available. Until then, CERT-EU recommends disabling algif_aead and unloading the module where possible, since the exploit depends on that path. In containerized or multi-tenant environments, blocking AF_ALG socket creation through seccomp can provide an additional layer of protection.

System administrators should treat Copy Fail as a high-priority kernel issue and check whether their environments use affected kernel versions. Because the attack can alter the cached copy of a binary rather than the file on disk, basic integrity checks may not reveal the problem immediately. The safest approach is to patch promptly, apply interim mitigations, and verify that the vulnerable module is no longer active.

Hackers Exploit cPanel Flaw to Gain Control of Thousands of Websites

 

Hackers are still aggressively exploiting a critical bug in cPanel and WHM, the widely used web hosting control software that powers countless websites across the internet. The flaw, tracked as CVE-2026-41940, lets attackers bypass the login screen and seize administrative access to affected servers without a password. Because cPanel is deeply embedded in shared hosting environments, a single compromised server can expose many unrelated websites at once. 

The scale of the problem is large. Security researchers say more than 550,000 cPanel servers may be vulnerable, while roughly 2,000 instances were believed to be compromised at the time of reporting, down from about 44,000 last week. That drop suggests some hosting providers and administrators have already begun cleaning up or blocking attacks, but the threat remains active and widespread. 

What makes the issue especially dangerous is how much control the bug gives to attackers. Once inside, criminals can manage website files, databases, SSL certificates, and other critical settings tied to every site hosted on the server. In practice, that means they can deface websites, install backdoors, steal data, or redirect visitors to malicious pages, all from the control panel intended for legitimate administrators.

The vulnerability has also shown signs of being abused before the public disclosure. One hosting provider reported seeing exploitation attempts as early as late February, well before the issue was officially disclosed and patched. The U.S. Cybersecurity and Infrastructure Security Agency added the flaw to its Known Exploited Vulnerabilities catalog, confirming that it is being used in real-world attacks and should be treated as an urgent patching priority. 

For site owners, the response needs to be immediate and practical. Systems should be patched to the latest cPanel and WHM releases, exposed login panels should be restricted where possible, and administrators should check for unauthorized users, modified files, suspicious SSH keys, and unexpected database changes. Hosting providers such as Namecheap, HostGator, and KnownHost have already taken emergency steps, including temporarily blocking access while they applied fixes. The wider lesson is that a single authentication-bypass flaw in a core admin tool can become a large-scale internet incident almost overnight.