LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
Ravie LakshmananMay 23, 2026Vulnerability / Web Security
A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild.
The flaw, tracked as CVE-2026-48172 (CVSS score:...
First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks,...
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
Ravie LakshmananMay 21, 2026Hacking News / Cybersecurity News
This week starts small.
A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At...
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromising thousands...
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromising thousands...
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
Ravie LakshmananMay 17, 2026Data Breach / Cybercrime
Grafana has disclosed that an "unauthorized party" obtained a token that granted them the ability to access the company's GitHub environment and download...
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
Ravie LakshmananMay 14, 2026Hacking News / Cybersecurity News
Everything is still on fire.
This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum...
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
Ravie LakshmananMay 12, 2026Vulnerability / Network Security
American educational technology company Instructure, the parent company of Canvas, said it reached an "agreement" with a decentralized cybercrime extortion group after it...
RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded
Ravie LakshmananMay 12, 2026Supply Chain Attack / Software Security
RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described...
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor
Ravie LakshmananMay 11, 2026Vulnerability / Ransomware
A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager...
