Skip to content
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of incorrect privilege assignment that an attacker could abuse to run arbitrary scripts with elevated permissions. “Any cPanel user (including anRead More »LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2026-9082 (CVSS score: 6.5), an SQL injection vulnerability affecting all supported versions ofRead More »Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

Friday Squid Blogging: Regulating Squid Fishing in the South Pacific

The South Pacific Regional Fisheries Management Organization (SPRFMO) needs to regulate squid fishing in the South Pacific. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks. The disruption of First VPN Service was led by France and the Netherlands, with severalRead More »First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure

Drupal is warning users that it has already seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands of websites. The post Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure appeared first on SecurityWeek.

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151Ukraine’s National Security and Defense Council) has been observed using lures related to Prometheus, a Ukrainian online learning platform, to target government organizations in the country. The activity, per the Computer Emergency Response Team of Ukraine (CERT-UA), involves sending phishingRead More »Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

CISA Security Leak

Crazy story: Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISARead More »CISA Security Leak

Copyright © 2026 infosecintel.net