Researchers at Theori and Xint disclosed Copy Fail yesterday, a Linux kernel bug introduced in 2017 that lets any unprivileged user with shell access become root in seconds. The exploit is a 732-byte Python script that works without version-specific tweaks on every major Linux distribution since 2017 - Ubuntu, Amazon Linux, RHEL, SUSE. Unlike previous kernel bugs (Dirty Cow, Dirty Pipe), Copy Fail has no race condition and no per-kernel offsets. It also leaves no trace on disk because it only modifies the in-memory page cache. The bug was found using AI-assisted reverse engineering and has been hiding in the open for nearly nine years.
SonicWall released emergency firmware updates for Gen 6, Gen 7, and Gen 8 firewalls after CrowdStrike's research team disclosed three SonicOS flaws on April 29. The worst is CVE-2026-0204 (CVSS 8.0), a weak authentication bug in the management interface that lets an attacker on an adjacent network reach management functions without logging in - and from there change firewall rules, disable security protections, or open new holes. The other two are post-authentication: CVE-2026-0205 is a path traversal that breaks out of restricted directories, and CVE-2026-0206 is a buffer overflow that crashes the firewall. No public exploits yet.
LiteLLM, the popular open-source gateway used to centralize API access for OpenAI, Anthropic, and other AI providers, has a critical pre-authentication SQL injection bug that attackers started exploiting just 36 hours after the security advisory went public. The flaw lets anyone who can reach the proxy port read all the API keys stored inside - including master keys, virtual keys, and provider credentials. The bug was in the bearer-token check: the token was concatenated into a SQL query instead of passed as a parameter. Sysdig saw the first attack at 04:24 UTC on April 26, hitting three tables that hold the most valuable secrets.
Researchers disclosed CVE-2026-3854, a critical GitHub Enterprise Server flaw that lets anyone with push access execute arbitrary commands on the GitHub server with a single git push. The bug is in how Enterprise Server handles repository hooks during push operations - a crafted commit message or filename bypasses the sanitization that normally prevents shell injection. GitHub patched it last week, but self-hosted instances need to apply the patch manually, and telemetry shows most haven't yet. Anyone with developer-level access to a vulnerable Enterprise Server can take over the entire instance, then pivot into every repository and CI/CD secret it hosts.
Microsoft confirmed yesterday that a Windows Shell spoofing flaw, CVE-2026-32202, is being exploited in the wild. The bug lets an attacker craft files that appear in File Explorer with fake names, icons, and paths - so a malicious .exe can show up looking like a benign PDF, leading users to double-click and run it. Microsoft patched the bug in the April 14 Patch Tuesday but only confirmed in-the-wild exploitation on April 28, raising urgency for any environment that hasn't deployed April patches. The flaw is particularly dangerous on shared file servers, USB drops, and email attachments - any path where users trust File Explorer to tell them what's what.
Microsoft quietly patched a privilege escalation flaw in Entra ID (formerly Azure AD) that let an attacker with a low-privileged service account take over any service principal in the same tenant - including high-value ones with admin consent grants. The bug was in how Entra ID validated role assignments during certain API calls: the validator checked whether the caller had any role on a service principal but didn't check whether that role authorized the specific action. Microsoft fixed the flaw on the back end, so customers don't need a patch - but the takeover scenario means anyone who exploited it before the fix could have created persistent backdoors via OAuth grants.
Researchers disclosed a critical unauthenticated remote code execution flaw in Hugging Face's LeRobot, the open-source framework used to train and deploy ML models on physical robots. CVE-2026-25874 sits in the framework's web interface, which by default listens on all network interfaces with no authentication - quick for demos, but a hard fail when the demo box ends up on a corporate network. There is no patch yet. Hugging Face has been notified but hasn't released a fix. Particularly serious because LeRobot is usually attached to actual robotic hardware, so a compromise can mean unsafe physical actions.
cPanel disclosed a critical authentication bypass on Monday affecting every cPanel and WHM version - including end-of-life builds. CVSS 9.8. The bug let unauthenticated attackers log in as administrators by abusing how the cPanel session daemon writes session files during login. Hosting providers including Namecheap, KnownHost, hosting.com, HostPapa, and InMotion took cPanel and WHM offline globally for hours while patches deployed. Researchers at watchTowr published a working proof-of-concept on April 29. KnownHost reports possible targeted exploitation as early as February 23, 2026 - more than two months before disclosure.
Update on the Windows Defender zero-day situation: Huntress now confirms attackers are chaining the three flaws leaked April 3 by a researcher called 'Chaotic Eclipse' to deploy a custom tunneling agent named 'BeigeBurrow' on victim systems. Microsoft patched one of the three (BlueHammer, CVE-2026-33825) on April 14, but the other two are still unpatched two weeks later: RedSun lets attackers gain SYSTEM privileges even on patched machines, and UnDefend stops Defender from receiving signature updates - effectively turning off the antivirus. CISA gave federal agencies until May 6 to deploy the BlueHammer patch.
CISA added four flaws to KEV on April 24 with a May 8 federal deadline. The headline is CVE-2024-57726 (CVSS 9.9), a missing authorization in SimpleHelp RMM that lets a low-privileged technician mint API keys above their role and escalate to server admin; companion CVE-2024-57728 (CVSS 7.2) chains a path traversal for RCE. SimpleHelp featured in DragonForce and Akira ransomware campaigns last year. CVE-2024-7399 (CVSS 8.8) is a Samsung MagicINFO 9 path traversal with a public PoC since 2024. The fourth, CVE-2025-29635, is the D-Link DIR-823X bug we covered last week.
TrustStrike Labs