# Archive
Browse past daily curated stories
Thursday, April 30, 2026
- 1. Schneier on Security (threat-intel): Claude Mythos Has Found 271 Zero-Days in Firefox
Claude Mythos has discovered 271 zero-day vulnerabilities in Firefox since February 2026, building on previous work with Opus 4.6 that found 22 security-sensitive bugs in Firefox 148. This represents an extraordinary scale of AI-assisted vulnerability discovery that demonstrates the potential for autonomous security research tools to uncover previously unknown flaws in critical software.
- 2. BleepingComputer (general): Official SAP npm packages compromised to steal credentials
Multiple official SAP npm packages were compromised in a TeamPCP supply-chain attack using "Mini Shai-Hulud" credential-stealing malware that targets developers' authentication tokens. The campaign specifically targeted SAP's JavaScript and cloud application packages, representing a significant threat to enterprise development environments relying on SAP's ecosystem.
- 3. BleepingComputer (general): GitHub fixes RCE flaw that gave access to millions of private repos
GitHub patched CVE-2026-3854, a critical remote code execution vulnerability allowing authenticated users to achieve RCE with a single 'git push' command and potentially access millions of private repositories. The command injection flaw was discovered using AI reverse-engineering tools and affects both GitHub.com and GitHub Enterprise Server.
- 4. BleepingComputer (general): cPanel, WHM emergency update fixes critical auth bypass bug
cPanel released emergency updates for a critical authentication bypass vulnerability affecting all supported versions that allows unauthenticated access to control panel software. The issue is patched in versions 11.110.0.97, 11.118.0.63, 11.126.0.54, and 11.132.0.29, requiring immediate server updates.
- 5. BleepingComputer (general): CISA orders feds to patch Windows flaw exploited as zero-day
CISA added CVE-2024-1708 (ConnectWise ScreenConnect path traversal) and an actively exploited Windows vulnerability to its Known Exploited Vulnerabilities catalog, ordering federal agencies to patch these zero-day flaws. Both vulnerabilities are being actively exploited in the wild according to CISA's threat intelligence.
- 6. BleepingComputer (general): Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
CVE-2026-42208, a critical SQL injection vulnerability in BerriAI's LiteLLM large language model gateway, is being actively exploited within 36 hours of public disclosure. The CVSS 9.3 flaw allows attackers to read and modify database content in LiteLLM proxy deployments used for managing AI model access.
- 7. BleepingComputer (general): Popular WordPress redirect plugin hid dormant backdoor for years
The Quick Page/Post Redirect WordPress plugin, installed on over 70,000 sites, contained a dormant backdoor added five years ago that enables arbitrary code injection. The long-term compromise demonstrates sophisticated supply chain persistence tactics targeting popular WordPress infrastructure.
- 8. BleepingComputer (general): Broken VECT 2.0 ransomware acts as a data wiper for large files
VECT 2.0 ransomware contains a critical encryption flaw that permanently destroys files larger than 131KB instead of encrypting them due to improper nonce handling across Windows, Linux, and ESXi systems. The implementation error makes the malware function more like a wiper, with no possibility of data recovery even for attackers.
- 9. BleepingComputer (general): Hackers arrested for hijacking and selling 610,000 Roblox accounts
Ukrainian police arrested three individuals who hijacked over 610,000 Roblox gaming accounts and sold them for $225,000 in profits. The operation targeted both Ukrainian and foreign players' accounts containing valuable digital items, rare equipment, and real-money purchased in-game currency.
- 10. Dark Reading (general): AI Finds 38 Security Flaws in Electronic Health Record Platform
AI tools discovered 38 security vulnerabilities in OpenEMR's electronic health record platform used by more than 100,000 healthcare providers worldwide. The flaws enable database compromise, remote code execution, and theft of sensitive patient information, highlighting critical risks in widely-deployed medical software.