Paid Promotion
Add your product or open-source project on TechLogHub
Listing is free. Sponsored featured placements are paid and priced in USD — open the pricing dialog to see plan details.
Apr 29, 2026
Security & Infrastructure Tools
Hackers Exploit Authentication Bypass Flaws in Qinglong Task Scheduler to Deploy Cryptominers
Hackers exploited two authentication-bypass flaws in Qinglong’s open-source task scheduler (CVE-2026-3965 and CVE-2026-4047) to deploy cryptomining on exposed servers, beginning in February before public disclosure. The issues stemmed from a mismatch between middleware authorization and Express.js routing, allowing access to protected admin endpoints via unauthenticated paths. Infections were observed across multiple setups, with a rogue process named “.fullgc” consuming heavy CPU and attackers modifying config.sh to download miners from an external host; a fix was finally merged in PR #2941 after earlier mitigations in PR #2924 proved insufficient.
By TechLogHub
Apr 29, 2026
Security & Infrastructure Tools
Hackers arrested for hijacking and selling 610,000 Roblox accounts
Ukrainian police in Lviv arrested three hackers who hijacked over 610,000 Roblox accounts and sold them for about $225,000. The operation, led by a 19-year-old, used credential-stealing malware disguised as a game-enhancer to target high-value accounts, with ten searches yielding cash and electronic evidence. The suspects, aged 19, 21, and 22, face up to 15 years in prison on theft and unauthorized IT interference charges, as investigations continue.
By TechLogHub
Apr 29, 2026
Security & Infrastructure Tools
cPanel, WHM emergency update fixes critical auth bypass bug
cPanel and WHM issued an emergency update to fix a critical authentication bypass vulnerability that could grant unauthorized access to the hosting control panel. Admins must run the manual patch command (/scripts/upcp --force) to upgrade to patched builds (11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, 11.136.0.5). Namecheap temporarily blocked WHM/cPanel ports 2083 and 2087 to protect users until patches were available, and users on unsupported versions should upgrade immediately. If exploited, the flaw could let attackers fully control hosting accounts, plant backdoors, and conduct other malicious activities.
By TechLogHub
Apr 29, 2026
Security & Infrastructure Tools
European police dismantles €50 million crypto investment fraud ring
European authorities, led by Austria and Albania with Europol and Eurojust, dismantled a €50 million cryptocurrency investment fraud ring operating through call centers in Tirana. The scheme lured victims with fake platforms, diverted funds to an international money-laundering network, and included a secondary scam asking for fees to recover losses; 10 suspects were arrested and assets seized across multiple countries.
By TechLogHub