The attacks likely target CVE-2026-41940, a recently patched zero-day leading to administrative access.
The post Over 40,000 Servers Compromised in Ongoing cPanel Exploitation appeared first on SecurityWeek.
Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months
The authentication bypass flaw allows attackers to gain administrative access to vulnerable servers.
The post Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months appeared first on SecurityWeek.
Incomplete Windows Patch Opens Door to Zero-Click Attacks
The initial vulnerability was exploited by Russia-linked APT28 in attacks against Ukraine and EU countries.
The post Incomplete Windows Patch Opens Door to Zero-Click Attacks appeared first on SecurityWeek.
Recent Microsoft Defender Vulnerability Exploited as Zero-Day
The flaw allows attackers to access the SAM database, extract NTLM hashes, and gain System privileges.
The post Recent Microsoft Defender Vulnerability Exploited as Zero-Day appeared first on SecurityWeek.
Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities
CISA expanded the KEV catalog with eight flaws, but five of them have been flagged as exploited before.
The post Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities appeared first on SecurityWeek.
Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers
In-the-wild exploitation has been ongoing for a year, but no successful payload execution has been observed.
The post Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers appeared first on SecurityWeek.
Recent Apache ActiveMQ Vulnerability Exploited in the Wild
The remote code execution vulnerability tracked as CVE-2026-34197 came to light in early April.
The post Recent Apache ActiveMQ Vulnerability Exploited in the Wild appeared first on SecurityWeek.
Exploited Vulnerability Exposes Nginx Servers to Hacking
Hackers are exploiting CVE-2026-33032, a critical remote takeover vulnerability in the Nginx UI management tool.
The post Exploited Vulnerability Exposes Nginx Servers to Hacking appeared first on SecurityWeek.
Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities
Experts say this is the second-largest Microsoft Patch Tuesday ever based on CVE count.
The post Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities appeared first on SecurityWeek.
Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities
The security defects allow attackers to escalate privileges and execute arbitrary code remotely.
The post Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities appeared first on SecurityWeek.
