Cybersecurity
Curated coverage and analysis in this editorial area.
CVE-2026-48172: Critical Root Escalation in LiteSpeed cPanel Plugin Under Active Attack
A critical vulnerability in LiteSpeed’s cPanel plugin allows for privilege escalation to root. We break down the mechanism and provide…
macOS USD Library Bug ZDI-26-315 Exposes System Memory, Patch Issued May 12
Apple has addressed ZDI-26-315, an out-of-bounds read vulnerability in the macOS Universal Scene Description (USD) library. Rated CVSS…
Cloud Atlas Upgrades Arsenal: Novel Backdoors and Stealth RDP Patching for Cyber-Espionage
Between 2025 and 2026, the Cloud Atlas APT deployed previously undocumented backdoors, VBCloud and PowerShower, alongside modified sys…
Talos Unveils AI Honeypots to Trap Malicious Agents: The Rise of Cognitive Warfare
Cisco Talos demonstrates how generative honeypots can deceive automated AI threats by weaponizing their lack of contextual awareness a…
Mirai Variant Targets EOL TP-Link Routers via Flawed Exploit for Valid Vulnerability
Unit 42 has identified active exploitation attempts targeting CVE-2023-33538 on end-of-life TP-Link routers. While current in-the-wild…
Italian Revenue Agency Phishing: Cloned SPID Portal Uses Pre-filled Emails to Target Public Sector
CERT-AGID has identified a targeted phishing campaign against the Italian Revenue Agency (Agenzia delle Entrate) featuring cloned SPID…