Skip to content
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

Ravie LakshmananJun 16, 2026Vulnerability / Server Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive… 

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails

A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email. The way in was a backdoor on their REDCap… 

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, HexagonalRodent, and Void Dokkaebi). According to a report published by… 

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed LiteLLM is a widely deployed open-source AI… 

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

Swati KhandelwalJun 15, 2026Vulnerability / Enterprise Security A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterprise Search. Researchers… 

152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic

152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic

Ravie LakshmananJun 15, 2026Browser Security / Privacy Cybersecurity researchers have discovered a network of 152 Google Chrome extensions that act as new tab live wallpaper add-ons to distribute a potentially unwanted program (PUP) family. The… 

Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts

Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts

Ravie LakshmananJun 15, 2026Social Engineering / Browser Security Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and North Africa by employing various fraudulent Facebook accounts impersonating politicians, public figures,…