Critical Linux Kernel Vulnerability Exploited in Linux Update and cPanel Breach

Vaibhav May 3, 2026
www.news4hackers.com-critical-linux-kernel-vulnerability-exploited-in-linux-update-and-cpanel-breach-critical-linux-kernel-vulnerability-exploited-in-linux-update-and-cpanel-breach
Post Views: 4

Critical Security Updates

A series of critical security vulnerabilities have been uncovered, affecting widely used software and platforms.

cPanel Authentication Bypass Vulnerability

A critical authentication bypass vulnerability, identified as CVE-2026-41940, has been exploited in the popular web-based control panel, cPanel. This vulnerability allows attackers to bypass authentication checks and access sensitive areas of the panel, potentially leading to unauthorized modifications or data exposure.

According to watchTowr security researchers, “The vulnerability was discovered in February 2026 and has been exploited in the wild since then, indicating that attackers did not have to wait for the technical details to be released.”

The vulnerability affects virtually all versions of cPanel since 2017 and a working proof-of-concept (PoC) exploit is publicly available.

Linux Kernel Flaw Enables Reliable Local Privilege Escalation

Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability, identified as CVE-2026-31431, in the Linux kernel. This vulnerability, nicknamed “Copy Fail,” affects virtually every major Linux distribution shipped since 2017 and has been assigned a severity rating of 8.8/10.

Github Remote Code Execution Flaw Exposes Thousands of Self-Hosted Servers

Researchers at Wiz reported an easily exploitable Github remote code execution flaw, identified as CVE-2026-3854, on March 4. The company confirmed the vulnerability within 40 minutes and pushed a fix to Github.com in under two hours. However, for thousands of organizations running Github Enterprise Server on their own infrastructure, the vulnerability still represents a risk.

Automated Red Teaming Gets a Learning Layer

Automated red teaming of large language models has evolved significantly over the past two years, with two dominant approaches emerging. One relies on trial and error, while the other, like WildTeaming, combines crowdsourced attack data at random. Researchers at Capital One propose Adaptive Instruction Composition, which builds on these inputs and adds a learning layer to prioritize the most promising attack combinations.

AI Traffic Getting Bigger, Louder, and Less Predictable

AI workflows require storage that supports repeated movement across the model lifecycle. Large datasets are ingested, transformed, exported for training, pulled back for evaluation, and refreshed as models evolve. This creates a shift from diffuse internet-style traffic to large, high-bandwidth flows between fewer endpoints.

Cybersecurity Jobs Available Right Now

  • We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

New Infosec Products of the Month

  • Here’s a look at the most interesting products from the past month, featuring releases from Advenica, Aptori, Axonius, Broadcom, GlobalSign, Intruder, IP Fabric, Mallory, Secureframe, Siemens, Sitehop, and Virtue AI.



About Author

Vaibhav

See author's posts

More Stories

www.news4hackers.com-retiree-loses-lakhs-to-cyber-scam-via-fake-bank-app-retiree-loses-lakhs-to-cyber-scam-via-fake-bank-app

Retiree Loses Lakhs to Cyber Scam via Fake Bank App

Vaibhav May 3, 2026
www.news4hackers.com-ganesamoorthy-pandian-receives-patent-for-ai-powered-cybersecurity-solution-ganesamoorthy-pandian-receives-patent-for-ai-powered-cybersecurity-solution

Ganesamoorthy Pandian Receives Patent for AI-Powered Cybersecurity Solution

Vaibhav May 3, 2026
www.news4hackers.com-kolkata-senior-citizen-scammed-using-fake-bank-call-and-malicious-apk-kolkata-senior-citizen-scammed-using-fake-bank-call-and-malicious-apk

Kolkata Senior Citizen Scammed Using Fake Bank Call and Malicious APK

Vaibhav May 3, 2026

Latest Cyber Security News

www.news4hackers.com-retiree-loses-lakhs-to-cyber-scam-via-fake-bank-app-retiree-loses-lakhs-to-cyber-scam-via-fake-bank-app

Retiree Loses Lakhs to Cyber Scam via Fake Bank App

Vaibhav May 3, 2026
www.news4hackers.com-jharkhand-treasury-scandal-exposed-50-crore-fraudulent-transactions-uncovered-jharkhand-treasury-scandal-exposed-50-crore-fraudulent-transactions-uncovered

Jharkhand Treasury Scandal Exposed: ₹50 Crore Fraudulent Transactions Uncovered

Vaibhav May 3, 2026
www.news4hackers.com-muzaffarpur-man-falls-victim-to-online-investment-scam-loses-lakhs-muzaffarpur-man-falls-victim-to-online-investment-scam-loses-lakhs

Muzaffarpur Man Falls Victim to Online Investment Scam, Loses Lakhs

Vaibhav May 3, 2026
www.news4hackers.com-critical-linux-kernel-vulnerability-exploited-in-linux-update-and-cpanel-breach-critical-linux-kernel-vulnerability-exploited-in-linux-update-and-cpanel-breach

Critical Linux Kernel Vulnerability Exploited in Linux Update and cPanel Breach

Vaibhav May 3, 2026
www.news4hackers.com-bangladesh-introduces-cyberbullying-unit-to-protect-women-children-online-bangladesh-introduces-cyberbullying-unit-to-protect-women-children-online

Bangladesh Introduces Cyberbullying Unit to Protect Women & Children Online

Vaibhav May 3, 2026
en_USEnglish
en_USEnglish