The authentication bypass flaw allows attackers to gain administrative access to vulnerable servers.
The post Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months appeared first on SecurityWeek.
‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover
Affecting the kernel’s authencesn cryptographic template, the vulnerability was introduced in 2017 and impacts all distributions.
The post ‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover appeared first on SecurityWeek.
38 Vulnerabilities Found in OpenEMR Medical Software
Some of the vulnerabilities discovered by Aisle can be exploited to access and alter sensitive patient information.
The post 38 Vulnerabilities Found in OpenEMR Medical Software appeared first on SecurityWeek.
Chrome 147, Firefox 150 Security Updates Rolling Out
The browser refreshes resolve critical and high-severity vulnerabilities that could lead to arbitrary code execution.
The post Chrome 147, Firefox 150 Security Updates Rolling Out appeared first on SecurityWeek.
Critical GitHub Vulnerability Exposed Millions of Repositories
The remote code execution flaw CVE-2026-3854 was found to impact GitHub.com and GitHub Enterprise Server.
The post Critical GitHub Vulnerability Exposed Millions of Repositories appeared first on SecurityWeek.
No Patch for New PhantomRPC Privilege Escalation Technique in Windows
A fake RPC server can be used to listen for RPC requests and impersonate the target service to elevate privileges to System.
The post No Patch for New PhantomRPC Privilege Escalation Technique in Windows appeared first on SecurityWeek.
Incomplete Windows Patch Opens Door to Zero-Click Attacks
The initial vulnerability was exploited by Russia-linked APT28 in attacks against Ukraine and EU countries.
The post Incomplete Windows Patch Opens Door to Zero-Click Attacks appeared first on SecurityWeek.
OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years
A code reuse issue enabled comma characters in certificate principals to be interpreted as list separators.
The post OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years appeared first on SecurityWeek.
Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access
A race condition in PackageKit allows unprivileged users to escalate privileges when installing packages.
The post Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access appeared first on SecurityWeek.
Firefox Vulnerability Allows Tor User Fingerprinting
The vulnerability is tracked as CVE-2026-6770 and it has been patched with the release of Firefox 150 and Tor 15.0.10.
The post Firefox Vulnerability Allows Tor User Fingerprinting appeared first on SecurityWeek.
