The Hacker News

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

CVE-2026-48172 lets cPanel users run scripts as root, affecting LiteSpeed plugin 2.3–2.4.4 and exposing servers.

Severe Linux Copy Fail security flaw uncovered using AI scanning help

Nearly every Linux distribution released since 2017 is currently vulnerable to a security bug called “Copy Fail” that allows any user to give themselves administrator privileg ...
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...
Cryptopolitan on MSN

Criminal hackers used AI to write working zero-day exploit

Google caught the first zero-day exploit built with AI assistance. Criminal and state backed hackers are using AI models to find vulnerabilities faster.

U.S. government warns of severe CopyFail bug affecting major versions of Linux

U.S. cybersecurity agency CISA says the CopyFail bug is being actively used in hacking campaigns, and poses a major risk to servers and datacenters that rely on Linux.
Hosted on MSN

Google blocks first AI-made zero-day exploit before mass attack

First AI zero-day: Google identified and blocked an AI-generated zero-day exploit aimed at bypassing two-factor authentication in a widely used open-source admin tool. How it was found: Analysis ...

6 comedy actors on surviving bad reviews, making their castmates break and more

Danielle Deadwyler, Donald Faison, Sabrina Impacciatore, Justine Lupe, Lamorne Morris and Chris Perfetti sit down with ...
eWeek

NASA's Rover Swarm to Prep Moon Base

NASA kicked off its Moon Base era at the 2026 FIRST Robotics World Championship last week, unveiling how modular builde ...
Microsoft

From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...

THREE easy ways to tackle most hated money jobs in under five minutes and boost your cash by £10,750

DO you have a to-do list as long as your arm? If so, we can help you tackle some of your most HATED tasks in less than FIVE ...
Cryptopolitan on MSN

North Korea’s Lazarus turns to fileless malware in new crypto attacks

Lazarus Group has deployed RemotePE, a fully memory-resident trojan that is extremely hard for traditional antivirus and forensic tools to detect.