FreeBSD DHCP Client Flaw CVE-2026-42511 Allows Root Code Execution via Rogue DHCP Server
A critical vulnerability in the FreeBSD DHCP client, CVE-2026-42511, allows attackers on the same local network to execute arbitrary commands as root by injecting malicious directives through a...
Exim 4.99.2 Patches Four Vulnerabilities Including Heap Corruption, DNS Crash, and Memory Leaks
The Exim development team has released version 4.99.2 to fix four security vulnerabilities — including a DNS-triggered crash on musl systems (CVE-2026-40684), heap corruption via malformed JSON (CVE-2026-40685),...
APT Campaign Exploits cPanel CVE-2026-41940 to Breach Government and Military Servers Across South-East Asia
A sophisticated threat actor has exploited the critical cPanel authentication bypass CVE-2026-41940 to compromise government and military servers across South-East Asia, while also deploying a custom zero-day SQL-to-OS...
cPanelSniper PoC Exploit Released for CVSS 9.8 Flaw CVE-2026-41940 — 44,000 Servers Already Compromised
A public proof-of-concept exploit framework called cPanelSniper has been released for CVE-2026-41940, a CVSS 9.8 authentication bypass in cPanel and WHM. Over 44,000 servers have already been compromised,...
Critical Wireshark Update Patches 40+ Vulnerabilities Including Remote Code Execution Flaws
Wireshark 4.6.5 addresses over 40 security vulnerabilities, including critical RCE flaws in TLS, RDP, and SBC dissectors. Organizations running Wireshark in enterprise or SOC environments should update immediately...
Linux Kernel Zero-Day “Copy Fail” (CVE-2026-31431) Grants Root Access on Every Major Distro Since 2017
A newly disclosed Linux kernel zero-day dubbed "Copy Fail" (CVE-2026-31431) allows any unprivileged local user to obtain root access on virtually every major Linux distribution since 2017 using...
SonicWall SonicOS Flaws Let Attackers Bypass Firewall Access Controls and Trigger Denial of Service
SonicWall has patched three vulnerabilities in SonicOS — CVE-2026-0204 (CVSS 8.0), CVE-2026-0205, and CVE-2026-0206 — affecting Generation 6, 7, and 8 firewalls. Discovered by CrowdStrike, the flaws allow...
cPanel Emergency Patch: Critical Authentication Bypass Threatens Millions of Hosted Websites
cPanel has issued emergency security patches across all supported versions to address a critical authentication vulnerability in cPanel and WHM that could allow attackers to bypass login mechanisms...