-
The US Cybersecurity and Infrastructure Security Agency (CISA) has raised the alarm over a critical security vulnerability affecting WebPros cPanel & WebHost Manager (WHM) and WP2 (WordPress Squared). On April 30, 2026, CISA officially added this f…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical authentication bypass vulnerability in cPanel and Web Host Manager, officially tracked as CVE-2026-41940, is currently being exploited by unidentified threat actors. Security researchers at Ctrl-Alt-Intel recently uncovered an alarming campa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Progress Software has issued a critical security alert for its MOVEit Automation software. Two severe vulnerabilities have been discovered that could allow attackers to bypass authentication and escalate their privileges. Because of the critical nature…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The FreeBSD Project has issued a critical security advisory (FreeBSD-SA-26:12.dhclient) to address a severe Remote Code Execution (RCE) vulnerability in its default IPv4 DHCP client. Tracked as CVE-2026-42511, this flaw allows local network attackers t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical zero-day vulnerability in cPanel and WebHost Manager (WHM) is under massive active exploitation following the public release of a sophisticated proof-of-concept exploit. Tracked as CVE-2026-41940, this flaw has already compromised tens of th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The developers of the Exim mail server have officially rolled out version 4.99.2 to address four newly discovered security vulnerabilities. This critical update patches multiple software flaws that could allow attackers to crash server connections, cor…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Wireshark Foundation has released version 4.6.5 of its widely used network protocol analyzer, addressing a massive wave of security vulnerabilities. This urgent update patches over 40 distinct security flaws, driven by a recent surge in AI-assisted…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability, tracked as CVE-2026-6644, has been uncovered in ASUSTOR’s ADM (ASUSTOR Data Master) operating system. Specifically, the flaw exists within the PPTP VPN Client feature. Carrying a CVSS v4.0 score of 9.4, this OS command injecti…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical zero-day vulnerability, tracked as CVE-2026-41940, is currently being actively exploited across the web hosting industry. This CVSS 9.8 flaw allows unauthenticated remote attackers to bypass cPanel and WHM login mechanisms, granting them ful…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Jenkins project released a critical security advisory addressing seven vulnerabilities across multiple widely used plugins. The disclosed flaws include high-severity path traversal and stored cross-site scripting (XSS) vulnerabilities that could al…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
