
March 2026: Wiper Attack Paralyzes Stryker as BPO Breaches & Data Thefts Sweep the Month

March 2026 brought a heavy concentration of significant cyber incidents across healthcare, outsourcing, software supply chains, and the entertainment sector. A politically motivated wiper attack against a major medical device manufacturer drew particular attention, while a sprawling supply chain campaign […]

Read more →

CVE-2026-31431: “Copy Fail,” the Nine-Year-Old Linux Bug Introduced in 2017

A vulnerability hiding in plain sight for nearly a decade, capable of granting full root access to almost any Linux server with just a 732-byte Python script. Meet “Copy Fail” (CVE-2026-31431), a critical local privilege escalation flaw in the Linux kernel that affects virtually every […]

Read more →

CVE-2026-41940: Critical cPanel & WHM Authentication Bypass Exposes Hosting Servers to Admin Takeover

A newly disclosed CVE-2026-41940 in cPanel & WHM has put internet-facing hosting infrastructure under urgent scrutiny. The flaw carries a CVSS score of 9.8 and can let an unauthenticated remote attacker bypass authentication and gain administrative access, while cPanel’s advisory says the issue affects cPanel software, including DNSOnly, across all versions after 11.40. […]

Read more →

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-41940 WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of […]

Read more →

Chinese Cybercrime Infrastructure Detected: Automated Exploitation & Harvesting Infrastructure

SOCRadar Threat Research Team identified automated Chinese cybercrime infrastructure that blends large-scale exploitation with structured orchestration and monetization. The operation is coordinated through a centralized backend (referred to as ‘paperclip’) and an agent-based workflow system, OpenClaw, enabling operators to manage campaigns through structured missions. The system […]

Read more →

SAP Ecosystem Targeted: The Mini Shai-Hulud Supply Chain Attack

A sophisticated npm supply-chain compromise dubbed “Mini Shai-Hulud” has recently emerged, creating an urgent risk for SAP CAP development teams and CI/CD environments. Threat actors leverage trusted packages to deliver an 11.7 MB credential stealer and self-propagating framework. Instead of simply disrupting services, this malware silently […]

Read more →