
Friday 1 May 2026

cPanel's Zero-Day Was Live for Months Before Anyone Said a Word

A critical cPanel authentication bypass has been exploited in the wild since February, OpenAI follows Anthropic in locking down its most dangerous AI cyber tool, and the Linux "Copy Fail" flaw is shaking multi-tenant infrastructure everywhere.

Lead story

cPanel's Zero-Day Was Live for Months Before Anyone Said a Word

A critical authentication bypass in cPanel, WHM, and WP Squared — tracked as CVE-2026-41940 — has been actively exploited in the wild since at least late February, and it took until this week for a public disclosure, a PoC release, and a CISA Known Exploited Vulnerabilities listing to arrive more or less simultaneously. That timeline — roughly two months of quiet exploitation before the world was told — is the part worth sitting with.

The flaw lets an attacker bypass authentication entirely and gain administrative access to a vulnerable server. No credentials required. cPanel is the control panel software that underpins a significant share of shared web hosting globally; conservative estimates put the number of affected sites in the tens of millions. The PoC is now public, which means the window between "patch available" and "commodity exploit in the wild" is essentially closed.

What happened, technically: The bug lives in cPanel's authentication layer. An unauthenticated request, crafted correctly, can leapfrog the login check and arrive at privileged functionality. Hosting providers have confirmed they observed exploitation attempts dating back to February, which means threat actors had a working exploit well before security researchers published their findings. That's a classic zero-day gap — and in this case, a long one.

Why it matters beyond the obvious: cPanel is everywhere. It sits under budget hosting accounts, SMB websites, and the managed WordPress stacks of businesses that have never thought about their control panel software. The organisations most exposed are the ones least likely to have a patching cadence at all. CISA's KEV listing means US federal agencies have a hard deadline to remediate, but the long tail of vulnerable instances across commercial hosting will take much longer to clear.

The supply chain angle is real too. Attackers with admin access to a cPanel instance can modify DNS records, inject malicious code into hosted sites, intercept email, and pivot to hosted databases — all from a single authentication bypass. One compromised shared hosting server can affect hundreds of downstream sites.

Australian context: Australian small businesses and government-adjacent organisations that rely on shared hosting are in the blast radius here. The ACSC has not yet published a specific advisory, but the CISA KEV listing and the active exploitation status mean this should be treated as urgent. Hosting providers operating under the Privacy Act's notifiable data breach scheme should be assessing exposure now — a compromised cPanel instance with access to customer data would almost certainly trigger notification obligations.

Patch immediately. If you run cPanel or WHM, check your version against the vendor's patched releases. If you're on managed hosting and don't know whether your provider has patched, ask. The PoC being public means this is no longer a question of "if" attackers will try — they already have been.

Also today

OpenAI Locks Down GPT-5.5 Cyber — Days After Mocking Anthropic for Doing the Same

OpenAI will initially restrict access to its new GPT-5.5 Cyber model to a curated group of "critical cyber defenders" only — a near-identical approach to the one Anthropic took with Mythos, which OpenAI had publicly criticised as overly cautious just days earlier. The reversal underlines a growing industry consensus that frontier-level AI cyber tools are genuinely too capable to hand out freely, even as companies argue about the right access model. The evaluation of GPT-5.5 Cyber's capabilities, published simultaneously, confirms it can automate vulnerability discovery and exploitation at a level that demands careful handling.

TechCrunch

Linux 'Copy Fail' Flaw: Nine Years in the Kernel, Root on Demand

A local privilege escalation vulnerability dubbed "Copy Fail" (CVE-2026-31431) has been disclosed in the Linux kernel's cryptographic template code — a bug introduced in 2017 that lets an unprivileged local user write four controlled bytes into the page cache of any readable file, ultimately gaining root. The flaw affects virtually every major Linux distribution. Ars Technica calls it the most severe Linux threat in years, noting exposure across multi-tenant servers, CI/CD pipelines, and Kubernetes clusters. A patch is available; the concern now is the long tail of unpatched cloud and container infrastructure. Australian cloud workloads running on unpatched Linux distributions — including many AWS, Azure, and GCP instances — should be treated as at risk until confirmed patched.

Ars Technica

PyTorch Lightning Compromised in Supply Chain Attack Targeting Credentials

Threat actors pushed two malicious versions of the popular Python package PyTorch Lightning — versions 2.6.2 and 2.6.3 — to PyPI on 30 April, with the compromised packages designed to steal credentials from affected systems. The Intercom-client package was hit in the same campaign. Researchers at Aikido Security, OX Security, Socket, and StepSecurity each identified the malicious versions independently and flagged them quickly, limiting exposure — but the window was real. PyTorch Lightning is widely used in ML training pipelines, meaning the target demographic here is developers building AI systems. Anyone who pulled these versions on the day of release should rotate credentials immediately and audit their environment.

The Hacker News

SAP npm Packages Hit in 'Mini Shai-Hulud' Supply Chain Attack

A threat actor tracked as TeamPCP has compromised multiple npm packages used in SAP's cloud application development ecosystem. The attack — internally dubbed "Mini Shai-Hulud" — works by injecting a preinstall hook into affected packages that fetches and executes a Bun binary, bypassing standard security monitoring tools. The campaign is notable for its specificity: SAP's developer toolchain is used in large enterprise environments worldwide, making it a high-value target. Australian organisations running SAP Business Technology Platform (BTP) workloads should review their npm dependency trees and check for the presence of the malicious preinstall hook.

SecurityWeek
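One way to run the dependency-tree check suggested in the SAP item above, as an added example that is not code from SAP, SecurityWeek or this brief. It goes beyond the preinstall hook the item names by also reporting `install` and `postinstall` scripts, since npm runs those automatically too; the package names are constructed, and the `mentions_bun` flag is a triage heuristic assumed here, not a published indicator.

```python
import json
import re
import tempfile
from pathlib import Path

# Scripts that npm runs automatically during `npm install`.
INSTALL_HOOKS = ("preinstall", "install", "postinstall")

def find_install_hooks(root):
    """Return one finding per install-time script declared under any node_modules."""
    findings = []
    for manifest in sorted(Path(root).rglob("package.json")):
        if "node_modules" not in manifest.parts:
            continue  # skip the project's own manifest
        try:
            data = json.loads(manifest.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest
        scripts = data.get("scripts") if isinstance(data, dict) else None
        if not isinstance(scripts, dict):
            continue
        for hook in INSTALL_HOOKS:
            command = scripts.get(hook)
            if isinstance(command, str):
                findings.append({
                    "package": data.get("name", manifest.parent.name),
                    "version": data.get("version", "?"),
                    "hook": hook,
                    "command": command,
                    # Heuristic (assumption): the item says the hook ran a Bun binary.
                    "mentions_bun": bool(re.search(r"\bbun\b", command.lower())),
                })
    return findings

def build_sample_tree(root):
    """Constructed sample: two hypothetical dependencies, one with a preinstall hook."""
    manifests = [
        {"name": "example-clean-lib", "version": "1.0.0", "scripts": {"test": "node test.js"}},
        {"name": "example-hooked-lib", "version": "9.9.9", "scripts": {"preinstall": "bun ./setup.js"}},
    ]
    for manifest in manifests:
        pkg_dir = Path(root) / "node_modules" / manifest["name"]
        pkg_dir.mkdir(parents=True)
        (pkg_dir / "package.json").write_text(json.dumps(manifest), encoding="utf-8")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for f in find_install_hooks(tmp):
            print(f"{f['package']}@{f['version']} {f['hook']}: {f['command']}")
```

Point `find_install_hooks` at a project checkout and compare the findings against the packages you expect to ship native build steps; anything else with an install-time script deserves a closer look.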

An Anti-DDoS Firm Was Secretly Powering DDoS Attacks

A Brazilian network protection company that sells DDoS mitigation services has been identified as the source of a sustained DDoS campaign against other Brazilian ISPs — with the attacks traced back to a botnet the firm was, knowingly or otherwise, operating. The company's CEO blames a security breach and claims a competitor planted the malicious activity to damage the firm's reputation. Whether that story holds up is yet to be verified, but the incident illustrates a structurally awkward truth: DDoS protection requires seeing attack traffic, which means mitigation providers are uniquely positioned to amplify it. Krebs on Security broke the story.

Krebs on Security

Novel Chinese Spy Group Found Lurking in Polish and Asian Critical Networks

A previously undocumented Chinese-linked threat group has been found operating inside critical infrastructure networks in Poland and multiple Asian countries, using a stealthy command-and-control framework that runs on a sleep cycle to avoid detection. The group's tooling is described as sophisticated enough to maintain long-term persistent access while blending into legitimate traffic patterns. The discovery adds to a growing body of evidence that state-affiliated actors are pre-positioning inside Western and aligned-nation infrastructure — a pattern the ACSC has specifically warned about in its annual threat report. The Register first reported the details.

The Register

France Investigates a 15-Year-Old Over Breach of National ID Agency

French prosecutors have taken a 15-year-old into custody on suspicion of hacking the National Agency for Secure Documents (ANTS) — the body that processes applications for passports, national identity cards, residence permits, and driver's licences. The scale of the breach hasn't been fully disclosed, but given ANTS handles sensitive identity documents for the entire French population, the potential exposure is significant. The suspect's age is a stark reminder that high-impact breaches of government infrastructure don't require sophisticated nation-state resources. The case also raises questions about the security posture of agencies that hold population-level identity data.

The Record

Anthropic Chasing a $900B Valuation — Within Weeks

Anthropic is asking investors to submit allocations for a new funding round within 48 hours, with sources telling TechCrunch the deal could close within two weeks at a valuation north of $900 billion. That would make Anthropic one of the most valuable private companies in history — roughly on par with some of the world's largest banks. The round follows Google's $40B investment commitment and comes as the company's Mythos model has reshaped public perception of what frontier AI can do. For context, Anthropic was valued at around $60B eighteen months ago. The pace of that appreciation tells you something about how markets are pricing AI capability right now.

TechCrunch

Stripe Lets AI Agents Spend Your Money — With Guardrails

Stripe has updated its Link digital wallet to support autonomous AI agents, allowing users to connect payment methods and then authorise agents to make purchases on their behalf through explicit approval flows. The practical use case is agentic shopping: an AI assistant that can not only find the best price on something but actually complete the transaction. Stripe is positioning approval flows and spending limits as the safety layer. It's a significant moment for agentic commerce — and one that raises serious questions about what happens when those approval flows are bypassed or an agent is manipulated into authorising something the user didn't intend.

TechCrunch

Goodfire's Silico Lets You Debug an AI Model Mid-Training

San Francisco-based startup Goodfire has released a mechanistic interpretability tool called Silico that lets researchers and engineers inspect the internal behaviour of an LLM and adjust its parameters during training — not just after the fact. The tool aims to give model builders finer-grained control over what a model learns and why, rather than discovering unwanted behaviour post-deployment. Mechanistic interpretability has been a research priority for Anthropic and DeepMind, but tooling that makes it accessible to practitioners is still thin. Silico is one of the first commercial products targeting that gap directly. MIT Technology Review covered the release.

MIT Technology Review

Apple Earnings: $57B iPhone Quarter, AI Demand Straining Mac Supply

Apple posted Q2 revenue of $111.2 billion, with iPhone revenue jumping 22 percent to $57 billion — strong numbers that would have been even better without ongoing chip supply constraints. The more surprising admission was around Macs: Apple said demand driven by AI workloads has outpaced supply for the Mac mini, Studio, and Neo product lines, and expects the constraint to continue next quarter. CEO Tim Cook described iPhone demand as "off the charts." The results are a signal that AI is already moving hardware at scale — not through dedicated AI devices, but through people upgrading computers to run local models and heavy AI-assisted workflows.

The Verge
