# Top Stories

The CopyFail vulnerability (CVE-2026-31431) affecting Linux kernels since 2017 allows unprivileged local users to gain root access by writing four controlled bytes into the page cache of readable files. This impacts multi-tenant servers, CI/CD pipelines, and Kubernetes containers across all major distributions.

CISA added CVE-2026-41940, a critical authentication bypass vulnerability in cPanel and WHM, to its Known Exploited Vulnerabilities catalog after hosting providers confirmed active exploitation attempts since late February. The vulnerability allows attackers to gain administrative access to vulnerable servers.

PyTorch Lightning versions 2.6.2 and 2.6.3 published on April 30, 2026 were compromised with credential-stealing malware in a supply chain attack targeting the popular Python machine learning framework. The malicious packages were pushed to PyPI to conduct credential theft against developers.

TeamPCP compromised several npm packages for SAP's cloud application development ecosystem using the 'Mini Shai-Hulud' attack method. The attack introduces preinstall hooks that fetch and execute a Bun binary to bypass security monitoring and steal credentials from developers.

The FBI reported a sharp surge in cyber-enabled cargo theft with estimated losses reaching $725 million in 2025 across the US and Canada. Cybercriminals break into freight broker and carrier systems to post fraudulent listings and hijack legitimate cargo shipments.

The FBI warned that cyber actors have spent two years infiltrating freight broker and carrier systems to pose as legitimate companies and post fraudulent cargo delivery listings. This cyber-enabled cargo theft has generated millions in illicit profits for attackers.

Former incident responders Ryan Goldberg and Kevin Martin were sentenced to 4 years in prison for conducting ransomware attacks against five companies in 2023, extorting nearly $1.3 million from one victim. The case highlights insider threats within the cybersecurity industry.

A Romanian national who led an online swatting ring targeting over 75 public officials, multiple journalists, and four religious institutions was sentenced to 4 years in federal prison. The coordinated harassment campaign involved false emergency calls to prompt armed police responses.

French authorities arrested a 15-year-old on April 25 for suspected involvement in breaching ANTS, France's National Agency for Secure Documents that processes applications for passports, national identity cards, residence permits and driver's licenses. The breach potentially exposed sensitive personal data of French citizens.

A joint US-Chinese operation arrested 276 suspects and shut down nine cryptocurrency investment fraud centers in Dubai. The international law enforcement action followed numerous FBI victim complaints from Americans who lost millions through fraudulent crypto investment schemes.