Analysis, product insight, and practical reads for builders

A new Linux local privilege escalation called Copy Fail (CVE-2026-31431) lets an unprivileged user gain root by performing a 4-byte write into the page cache via the AF_ALG crypto interface and splice(), affecting kernels back to 2017. The exploit has been demonstrated on Ubuntu 24.04 LTS, Amazon Linux 2023, RHEL 10.1, and SUSE 16; upstream fixes were released on April 1, 2026, with distributions racing to push patches. Interim mitigations include disabling the AF_ALG interface or the algif_aead module, and promptly patching multi-tenant environments.

Hackers exploited two authentication-bypass flaws in Qinglong’s open-source task scheduler (CVE-2026-3965 and CVE-2026-4047) to deploy cryptominers on exposed servers, beginning in February before public disclosure. The issues stemmed from a mismatch between middleware authorization and Express.js routing, allowing access to protected admin endpoints via unauthenticated paths. Infections were observed across multiple setups, with a rogue process named “.fullgc” consuming heavy CPU and attackers modifying config.sh to download miners from an external host; a fix was finally merged in PR #2941 after earlier mitigations in PR #2924 proved insufficient.

Ukrainian police in Lviv arrested three hackers who hijacked over 610,000 Roblox accounts and sold them for about $225,000. The operation, led by a 19-year-old, used credential-stealing malware disguised as a game-enhancer to target high-value accounts, with ten searches yielding cash and electronic evidence. The suspects, aged 19, 21, and 22, face up to 15 years in prison on theft and unauthorized IT interference charges, as investigations continue.

cPanel and WHM issued an emergency update to fix a critical authentication bypass vulnerability that could grant unauthorized access to the hosting control panel. Admins must run the manual patch command (/scripts/upcp --force) to upgrade to patched builds (11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, 11.136.0.5). Namecheap temporarily blocked WHM/cPanel ports 2083 and 2087 to protect users until patches were available, and users on unsupported versions should upgrade immediately. If exploited, the flaw could let attackers fully control hosting accounts, plant backdoors, and conduct other malicious activities.