Category of intelligence

Vulnerabilities

News about security failures, exploits and vulnerabilities in systems

Stories published: 742 Showing up 9 articles per page

Security Alert: CVE-2026-41940 turns cPanel / WHM into an intrusion vector against governments and MSPs

Vulnerabilities

May 4, 2026 5 min de lectura 117

Security Alert: CVE-2026-41940 turns cPanel / WHM into an intrusion vector against governments and MSPs

On May 2, 2026, researchers at Ctrl-Alt-Intel detected an active campaign that explores critical vulnerability in cPanel / WHM, registered as CVE-2026-41940, to unify authenticati…

Crypto scam industrializes: transnational networks, trafficking and malware at the service of fraud

Vulnerabilities

May 4, 2026 3 min de lectura 113

Crypto scam industrializes: transnational networks, trafficking and malware at the service of fraud

The recent international raid that evicted nine scam centres linked to investment fraud in cryptomonedas and which led to the arrest of hundreds of suspects is less an isolated fa…

FEMITBOT the scam hidden in Telegram Mini Apps steals cryptomonedas and distributes malware

Vulnerabilities

May 3, 2026 4 min de lectura 122

FEMITBOT the scam hidden in Telegram Mini Apps steals cryptomonedas and distributes malware

Cybersecurity researchers have identified a massive fraud operation that exploits Mini Apps functionality within Telegram to run critical scams, supplant recognized brands and dis…

Copy Fail: the critical vulnerability of the Linux kernel (CVE-2026-31431) already exploited that could give root access and break the container insulation

Vulnerabilities

May 3, 2026 4 min de lectura 123

Copy Fail: the critical vulnerability of the Linux kernel (CVE-2026-31431) already exploited that could give root access and break the container insulation

The US Agency for Infrastructure and Cybersecurity. United States. ( CISA) has included in its catalog Known Exploited Vulnerabilities (KEV) a critical vulnerability recently disc…

Security alert: CVE-2026-41940 in cPanel / WHM allows administrative access and mass ransomware

Vulnerabilities

May 2, 2026 4 min de lectura 102

Security alert: CVE-2026-41940 in cPanel / WHM allows administrative access and mass ransomware

A critical authentication failure in cPanel / WHM, recorded as CVE-2026-41940, is being exploited in mass and has already been linked to ransomware campaigns aimed at Linux server…

ConsentFix v3 the tactic that steals tokens taking advantage of the pregranted trust in OAuth

Vulnerabilities

May 2, 2026 4 min de lectura 175

ConsentFix v3 the tactic that steals tokens taking advantage of the pregranted trust in OAuth

A new attack vector known in forums such as ConsentFix v3 is showing a recurring weakness in architectures that trust OAuth flows: it is not always the password or MFA that determ…

Trellix repository intrusion exposes customer risks and software supply chain

Vulnerabilities

May 2, 2026 4 min de lectura 127

Trellix repository intrusion exposes customer risks and software supply chain

The cyber security company Trellix has confirmed an intrusion that allowed unauthorized access to a part of your source code repository and claims to have initiated a forensic inv…

Vulnerabilities

May 1, 2026 5 min de lectura 135

High-impact cyber spiking: N-day vulnerabilities, web shells and a campaign targeting governments, defense and journalists

Cybersecurity researchers have highlighted a high-impact computer espionage campaign that, according to the firms that have analysed it, seems to be aligned with Chinese state int…

Unlegible RDP warnings Microsoft fixes the failure that affected multiple screens

Vulnerabilities

May 1, 2026 3 min de lectura 156

Unlegible RDP warnings Microsoft fixes the failure that affected multiple screens

Microsoft fixed a failure that made the new security notices when opening Remote Desktop files (.rdp) appear wrong in teams with several monitors and different scale settings: dis…

Explore RadarBytes

Vulnerabilities

Security Alert: CVE-2026-41940 turns cPanel / WHM into an intrusion vector against governments and MSPs

Crypto scam industrializes: transnational networks, trafficking and malware at the service of fraud

FEMITBOT the scam hidden in Telegram Mini Apps steals cryptomonedas and distributes malware

Copy Fail: the critical vulnerability of the Linux kernel (CVE-2026-31431) already exploited that could give root access and break the container insulation

Security alert: CVE-2026-41940 in cPanel / WHM allows administrative access and mass ransomware

ConsentFix v3 the tactic that steals tokens taking advantage of the pregranted trust in OAuth

Trellix repository intrusion exposes customer risks and software supply chain

High-impact cyber spiking: N-day vulnerabilities, web shells and a campaign targeting governments, defense and journalists

Unlegible RDP warnings Microsoft fixes the failure that affected multiple screens

Disable your ad blocker

Vulnerabilities

Manage your cookies