Critical cPanel and WHM bug exploited as a zero-day, PoC now available

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in ...

Popular WordPress redirect plugin hid dormant backdoor for years

The Quick Page/Post Redirect plugin, installed on more than 70,000 WordPress sites, had a backdoor added five years ago that ...

OpenAI Codex system prompt includes explicit directive to “never talk about goblins”

The system prompt for OpenAI’s Codex CLI contains a perplexing and repeated warning for the most recent GPT model to “never ...

New ransomware is so badly coded it destroys your files instead of holding them hostage

Check Point researchers have uncovered a new ransomware-as-a-service threat with significant design flaws. Vect 2.0 is unable ...