
⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

The Hacker News by The Hacker News
May 4, 2026


Ravie LakshmananMay 04, 2026Cybersecurity / Hacking

This week, the shadows moved faster than the patches.

While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems.

The game has shifted from breach to occupation. They’re living inside SaaS sessions, pushing code with trusted commits, and scaling operations like legitimate businesses — except their product is chaos. And the underground is getting uncomfortably professional.

Here’s the full weekly cybersecurity recap:

⚡ Threat of the Week

cPanel Flaw Comes Under Attack—A critical flaw in cPanel and WebHost Manager (WHM) has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-41940, could result in an authentication bypass and allow remote attackers to gain elevated control of the control panel. In some cases, the attacks have led to a complete wipe of entire websites and backups. Other attacks have deployed Mirai botnet variants and a ransomware strain called Sorry.

🔔 Top News

  • Cybercrime Groups Use Vishing for Data Theft and Extortion—Two cybercrime groups tracked as Cordial Spider and Snarky Spider are carrying out “rapid, high-impact attacks” operating almost within the confines of SaaS environments, while leaving minimal traces of their actions. The groups employ voice calls, text messages, and emails, directing targeted employees to phishing pages masquerading as their employer’s legitimate single sign-on (SSO) page to capture credentials and provide attackers an entry point into systems, which they exploit for deeper access to victims’ SaaS environments. The attacks also use the initial access hooks to remove and set up multi-factor authentication devices under their control and delete emails that would otherwise alert organizations of potential malicious activity. According to CrowdStrike, “These actors use vishing to bypass MFA and move laterally across entire SaaS ecosystems with a single authenticated session, masking their tracks through residential proxy networks to blend in as legitimate home user traffic. This is part of a larger trend of English-speaking ransomware crews that share similar playbooks but are branching off into their own distinct groups.”
  • Copy Fail Linux Flaw Exploited—The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-31431, a vulnerability impacting various Linux distributions, to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. It’s described as a logic bug in the Linux kernel’s authentication cryptographic template that allows an attacker to reliably trigger privilege escalation trivially by means of a 732-byte Python-based exploit. According to Theori and Xint, CVE-2026-31431 was the result of a series of unremarkable updates to the Linux kernel over the years, particularly one update from 2017 that was meant to speed up data encryption. As a result, all major Linux distributions from 2017 are impacted. What complicates matters is that Copy Fail works 100% of the time, unlike most local privilege escalation (LPE) bugs that tend to be probabilistic in nature. More worryingly, it leaves no traces on disk as exploitation occurs in memory and enables container escape from any pod in a Kubernetes cluster.
  • TeamPCP’s Supply Chain Attack Spree Continues—TeamPCP’s extensive supply chain campaign continued last week, as the cybercriminal group compromised several packages across the npm, PyPI, and Packagist ecosystems in a “Mini Shai Hulud” attack. TeamPCP has in recent months compromised the packages of several open source software projects, including Trivy, a security scanner maintained by Aqua Security, and KICS, a Checkmarx-developed tool for static code analysis. Amit Genkin, threat researcher at Upwind, said the latest string of attacks represents a shift, where they are not only more frequent but harder to detect because they weaponize legitimate CI/CD pipelines to push out poisoned versions under real identities, allowing the activity to blend in with normal development workflows. “Campaigns like Shai-Hulud take that further by using each compromised pipeline to spread to the next, turning credential theft into a scaling problem across environments,” Genkin said. “For teams, the immediate priority is to check for the affected version and rotate any credentials tied to pipelines that may have run it, especially GitHub and cloud tokens. Longer term, this is a signal to reduce how broadly pipeline credentials are scoped and to add visibility into what’s actually happening during installs and builds – because if you’re relying on traditional scanning or known indicators, this type of activity is easy to miss.”
  • New Python Backdoor Enables Comprehensive Data Theft—A newly identified stealthy Python-based backdoor framework dubbed DEEP#DOOR provides attackers with persistent remote command execution and surveillance capabilities on Windows computers. Once active, the backdoor enables shell command execution, file manipulation, system and network reconnaissance, and surveillance operations such as keylogging, clipboard monitoring, screenshot capture, microphone and webcam access, and credentials and SSH key harvesting. Additionally, the malware can shift from data gathering to disruption and system manipulation, as it can overwrite the Master Boot Record, force system crashes, exhaust system resources by spawning numerous processes, and disable Microsoft Defender services.
  • GitHub Flaw Leads to Remote Code Execution—Cybersecurity researchers from Wiz disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server (CVE-2026-3854, CVSS score: 8.7) that could allow an authenticated user to obtain remote code execution with a single “git push” command. The vulnerability was severe enough that Microsoft rolled out a patch within six days of responsible disclosure. On GitHub.com, it allowed remote code execution on shared storage nodes, and on GitHub Enterprise Server, it granted full server compromise, enabling unauthorized access to all hosted repositories and internal secrets. “Exploitation could expose the codebases of nearly all of the world’s biggest enterprises, making this one of the most severe SaaS vulnerabilities ever found,” a Wiz spokesperson told The Hacker News.
  • VECT 2.0 Ransomware’s Flawed Encryption Makes Data Recovery Impossible—VECT 2.0 ransomware has been found to wipe large files instead of merely encrypting them, making recovery impossible, even for the attackers. VECT 2.0 is a ransomware-as-a-service (RaaS) program that first appeared in December 2025. The group quickly grabbed headlines after it announced on BreachForums that it was partnering with TeamPCP, the threat group behind several supply chain attacks, such as Trivy, Checkmarx KICS, LiteLLM, and Telnyx, in March and April 2026. VECT also announced a partnership with BreachForums itself, promising that every registered forum user will become an affiliate and be granted use of the ransomware, negotiation platform, and leak site for operations. Beazley Security, in an analysis of the ransomware, said the VECT 2.0 RaaS panel covers the “full operational lifecycle an affiliate needs from payload generation through to payout.”

🔥 Trending CVEs

Bugs drop weekly, and the gap between a patch and an exploit is shrinking fast. These are the heavy hitters for the week: high-severity, widely used, or already being poked at in the wild.

Check the list, patch what you have, and hit the ones marked urgent first — CVE-2026-41940 (cPanel and WebHost Manager), CVE-2026-31431 aka Copy Fail (Linux Kernel), CVE-2026-42208 (LiteLLM), CVE-2026-3854 (GitHub.com and GitHub Enterprise Server), CVE-2026-32202 (Microsoft Windows Shell), CVE-2026-26268 (Cursor), CVE-2026-35414 (OpenSSH), CVE-2026-6770 (Mozilla Firefox and Tor Browser), CVE-2026-42167 (ProFTPD), CVE-2026-24908, CVE-2026-23627, CVE-2026-24487 (OpenEMR), CVE-2026-6807 (GRASSMARLIN), CVE-2026-7363, CVE-2026-7361, CVE-2026-7344, CVE-2026-7343 (Google Chrome), CVE-2026-7322, CVE-2026-7323, CVE-2026-7324 (Mozilla Firefox), CVE-2026-6100 (CPython), CVE-2026-0204 (SonicWall), CVE-2026-42511 (FreeBSD), CVE-2026-40684, CVE-2026-40685, CVE-2026-40686, CVE-2026-40687 (Exim), CVE-2026-5402, CVE-2026-5403, CVE-2026-5405, CVE-2026-5656 (Wireshark), CVE-2026-42520, CVE-2026-42523, CVE-2026-42524 (Jenkins), CVE-2026-3008 (Notepad++), and CVE-2025-41658, CVE-2025-41659, CVE-2025-41660 (CODESYS).

🎥 Cybersecurity Webinars

  • Learn to Spot Attack Paths Your AppSec Tools Completely Miss → Modern attackers chain tiny flaws across code, pipelines, and cloud into major breaches — while your AppSec tools stay blind. Join this free webinar with Wiz and The Hacker News to uncover the top real-world attack paths and learn exactly how to spot, map, and stop them fast. Practical insights to prioritize real risks and strengthen your entire software lifecycle.
  • How to Match AI Attack Speed with Autonomous Exposure Validation → Struggling with AI attacks moving faster than your team can respond? Join this free webinar from Picus Security & The Hacker News to discover Autonomous Exposure Validation – how to automatically find real risks, test attack paths, and fix them in minutes, not weeks. Practical, no-fluff insights to stay ahead without burnout. Grab your spot now.
  • Learn Latest AI Threats + Practical Ways to Kill Initial Access → Modern attackers are slipping past traditional defenses with AI-powered phishing, encrypted malware, and stealthy “Patient Zero” tactics. Want to stay ahead? Join this free webinar with Zscaler and The Hacker News to uncover the latest threat trends and practical Zero Trust strategies that actually stop initial compromise — before it becomes a full-blown breach. No fluff, just real insights to protect your organization.

📰 Around the Cyber World

  • OpenAI Debuts Advanced Account Security —OpenAI launched Advanced Account Security, a set of opt-in protections for ChatGPT users “designed for people at increased risk of digital attacks, as well as for those who want the strongest account protections available.” As part of the new program, the new controls strengthen sign-in protections, tighten account recovery, reduce exposure from compromised sessions, and give users more visibility into account activity. OpenAI has also partnered with Yubico to link two physical security keys, YubiKey C Nano and YubiKey C NFC, to ChatGPT accounts. That said, users can use any other FIDO-compliant security key, or use software-based passkeys for phishing-resistant authentication.
  • Over 8.8K Ransomware Attacks in 2025 —Fortinet said it recorded 7,831 confirmed ransomware victims globally in 2025, skyrocketing from approximately 1,600 identified victims in 2024. “Availability of crime service kits like WormGPT, FraudGPT, and BruteForceAI contributed to this 389% increase year-over-year (YoY),” Fortinet said. “The top three targeted sectors include manufacturing (1,284), business services (824), and retail (682). Geographic concentration includes the U.S. (3,381), Canada (374), and Germany (291).”
  • KidsProtect Android Surveillance Tool Marketed on the Web —A new Android surveillance tool called KidsProtect is being openly advertised on the clear web that gives an operator near-total secret control of a victim’s phone. “It can’t be removed without the attacker’s permission,” Certo said. “From a web-based dashboard, an operator can secretly record calls, stream live audio from the device’s microphone, track GPS location in real time, read SMS messages and notifications from apps including WhatsApp and Viber, log keystrokes, access contacts and photos, and remotely trigger the front and rear cameras.” Assessed to be the work of a Greek-speaking developer, it’s available on a subscription basis starting from $60, allowing anyone to buy it, rebrand it, and start selling it as their own.
  • New KYCShadow Android Malware Detected —An Android malware masquerading as a bank KYC verification application is being distributed via WhatsApp and primarily targeting users in India. “The application operates as a multi-stage dropper that installs a secondary payload and establishes persistent command-and-control (C2) communication,” CYFIRMA said. “It combines native code obfuscation, Firebase-based remote execution, VPN-based traffic manipulation, and WebView-based phishing to systematically harvest sensitive user data.”
  • Phishing Campaign Targets Pakistan Orgs —A highly targeted spear-phishing campaign targeting the Punjab Safe Cities Authority and PPIC3 in Pakistan has been found to use legitimate-sounding government infrastructure projects as lures to deliver malware. “The email carried two malicious attachments: a Word document with a VBA macro dropper and a PDF with a fake Adobe Reader lure, both delivering payloads from a BunnyCDN-hosted malicious infrastructure,” Joe Security said. “The attack chain establishes persistent remote access by abusing Microsoft’s legitimate VS Code tunnel service, with exfiltration notifications sent via a Discord webhook — a sophisticated technique designed to evade network-level detection.”
  • Calendly-Themed Phishing Attacks on the Rise —Multiple threat clusters are leveraging Calendly-themed phishing to fingerprint site visitors and steal credentials and other data. “Behind the shared Calendly branding sits a diverse set of phishing kits, including API-driven frameworks, real-time Socket.IO applications, fake CAPTCHA chains, and Telegram-based exfiltration,” urlscan said.
  • Fraud Campaigns GovTrap and FEMITBOT Exposed —Threat actors have been observed deploying sophisticated tactics, including fake government portals, SMS phishing, and lookalike domains, to drive financial fraud and credential harvesting as part of an effort called GovTrap. The government impersonation scam mimics official portals with high accuracy, with links to the fake sites distributed via SMS or email. The end goal is to trick users into entering their personal and financial information, or make non-existent payments that are transferred through money mule accounts. The collected payment card details are abused to facilitate fraudulent transactions. Another threat cluster has leveraged FEMITBOT, a malicious infrastructure that abuses Telegram Mini Apps to scale global fraud campaigns and Android malware delivery. “By leveraging Telegram’s native features, threat actors create highly convincing fake platforms across crypto, financial services, AI, and streaming sectors,” CTM360 said. “Built on a modular, template-driven architecture, FEMITBOT enables rapid deployment, brand impersonation, and campaign optimization using real-time tracking and analytics.”
  • New PowerShell Desktop Stealer Spotted —A Pastebin-hosted PowerShell script disguised as “Windows Telemetry Update” comes with capabilities to steal Telegram Desktop session data via Telegram bot API exfiltration. “The script collects host metadata, including username, hostname, and public IP via api.ipify[.]org, then checks for Telegram Desktop and Telegram Desktop Beta tdata directories,” Flare said. “If found, it terminates the Telegram process to release file locks, archives session material into ‘TEMPdiag.zip,’ and uploads the archive to the attacker-controlled operator chat via the Telegram Bot API sendDocument endpoint.”
  • Surge in Teams Phishing in 2026 —eSentire said it has observed an increase in Microsoft Teams-based phishing since early 2026, in which threat actors impersonate IT support and help desk personnel to trick users into granting remote access to their devices. “These phishing attacks have often been linked to email bombing, followed by threat actors reaching out to users under the guise of providing assistance to resolve an issue,” eSentire said. “The objective of the attack is to trick the user into granting remote access to their device, and once obtained, threat actors will attempt to exfiltrate data and execute additional payloads to establish persistence or deploy ransomware.”
  • New KarstoRAT Malware Enables Data Theft —First spotted in early 2026, KarstoRAT is capable of system reconnaissance, audio and webcam monitoring, screenshot capture, key logging, and token theft. It also enables threat actors to download and run additional payloads, which could point to it being used for post-compromise control on infected machines. “KarstoRAT uses a command-and-control (C2) server that has a diverse set of open ports and services, indicating that it has a multi-purpose infrastructure created for C2 communication and payload distribution,” LevelBlue said. “Threat actors use a fake Blox Fruits (a popular Roblox game) virtual marketplace as a lure to trick players into downloading malware that will install KarstoRAT into their machines.”
  • ClickUp Discloses Email Address Exposure —ClickUp said its client-side feature flag configuration exposed personally identifiable information. This included 893 customer email addresses that were embedded in feature flag targeting rules, along with one flag that improperly referenced a customer’s API token. “The exposure was limited to 893 customer email addresses used in feature flag targeting rules to control which users see specific features during rollouts,” it said. “If your email address was among those included in a feature flag configuration, you have been directly contacted.” The incident did not expose any other data.
  • Finnish Authorities Arrest Alleged Scattered Spider Member —Finnish authorities arrested 19-year-old Peter Stokes (aka Bouquet), a dual U.S.-Estonian citizen, as he tried to board a flight to Japan. U.S. prosecutors have charged him as a key member of the notorious Scattered Spider hacking group, and he faces multiple counts of wire fraud, conspiracy, and computer intrusion.
  • New Attacks Linked to Versatile Werewolf —The threat actor known as Versatile Werewolf (aka HeartlessSoul) has been linked to campaigns targeting Russian state structures and aviation companies via phishing emails with malicious archive attachments and malvertising campaigns to deliver a JavaScript trojan. The end goal is to obtain confidential data, particularly geospatial information. Alternatively, the threat actor is known to distribute malicious code using the legitimate SourceForge platform through a project called GearUP. Versatile Werewolf is believed to have been active since at least September 2025. Some of the attachments have exploited ZDI-CAN-25373 to trigger the infection chain. The malvertising campaign uses fake domains (“battleflight[.]pro”) to deliver bogus installers for aviation-related software to launch the same trojan. “The initial infection involves executing PowerShell commands or scripts designed to download a JavaScript loader from C2 servers,” Kaspersky said. “This loader, in turn, loads and executes the main JS-RAT and its modules in memory, among which we found tools for data collection and exfiltration, keyloggers, screen capture tools, UAC bypass tools, and other payloads.” The company noted that the domain “battleflight[.]pro” resolves to an IP address that also hosts fake domains linked to the GOFFEE APT. “Both groups actively use PowerShell payloads to deliver and execute malicious modules,” it added. “GOFFEE also targets the public sector, which suggests the possibility of joint or coordinated campaigns.”
  • Cisco Unveils Model Provenance Kit —Cisco unveiled a new open-source tool, named Model Provenance Kit, to help organizations address potential issues associated with the use of third-party AI models. “Much like a DNA test reveals biological origins, the Model Provenance Kit examines both metadata and the actual learned parameters of a model (like a unique genome that comprises a model), to assess whether models share a common origin and identify signs of modification,” Cisco said. “This, combined with a constitution that defines provenance linkages, is an important step toward providing evidence-based assurance that the AI you deploy is what it says it is.”
  • Abuse of Hugging Face and ClawHub for Malware Delivery —Threat actors are abusing legitimate AI platforms like Hugging Face and ClawHub for malware delivery, once again demonstrating how trust in AI ecosystems is being exploited. Acronis said it identified more than 575 malicious skills across 13 developer accounts that target both Windows and macOS systems with trojans, cryptocurrency miners, and AMOS stealer, a macOS-focused infostealer. “On Hugging Face, attackers leverage repositories to host payloads and act as staging infrastructure within multistep infection chains, distributing malware disguised as legitimate applications,” Acronis said.
  • European Authorities Bust Cryptocurrency Fraud Ring —Albanian and Austrian authorities dismantled a cryptocurrency investment fraud ring that caused estimated losses of more than €50 million ($58.5 million) to victims worldwide. The operation, which took place over two years, resulted in the arrest of ten individuals, the search of multiple premises, and the seizure of 891,735 in cash, 443 computers, 238 mobile phones, six laptops, and multiple storage devices. “The criminal network, allegedly operating several call centres in Tirana, Albania, is believed to have caused significant financial damage, totalling at least €50 million,” Europol said. “The call centres were professionally set up and organized, resembling legitimate business structures featuring a clear division of roles and hierarchical management.” The criminal network is estimated to have involved up to 450 employees across various departments. The scheme involved luring victims to seemingly legitimate online investment platforms through deceptive advertisements on social media or web searches, and coaxing them into making investments under the promise of huge returns. Victims were then assigned retention agents, who masqueraded as investment advisors and used remote access software to gain full control of their devices. “The fraudsters feigned professional expertise and employed psychological pressure to persuade victims to make additional investments, falsely claiming they would be profitable,” Europol said. “In truth, the funds were never invested but were instead channelled into an intricate international money-laundering scheme, ultimately disappearing into the hands of the criminal organisation.” In some cases, the fraudsters reached out to the victims again and offered help with recovering their stolen funds, only to demand a €500 entry fee and defraud them a second time.
  • Flaws in EnOcean’s SmartServer —Two security flaws have been disclosed in EnOcean’s SmartServer IoT platform that affect version 4.60.009 and prior. According to Claroty: “CVE-2026-20761 allows remote attackers to send malicious, crafted LON IP-852 messages that result in arbitrary command execution on devices. CVE-2026-22885 allows remote attackers to send malicious, crafted IP-852 messages that bypass ASLR memory protections and leak memory.” Successful exploitation of the flaws results in attackers obtaining control over building management and building automation systems running affected versions of this platform and legacy i.LON devices. Patches have been released for both vulnerabilities.
  • Google Announces Android Credential Manager Update —Google has announced a new update to Android’s Credential Manager that allows apps to automatically verify a user’s personal Gmail address without requiring one-time passwords (OTPs) or email verification links. “Google now issues a cryptographically verified email credential directly to Android devices,” the company said. “For users, this completely removes the need to manually verify their email through external channels. For developers, the API securely delivers these verified user claims for any scenario, whether you are building an account creation flow, a recovery process, or a high-risk step-up authentication.”
  • Nearly 8.8K Secrets Leaked Online —According to Truffle Security, 8,792 verified, unique secrets have been leaked online through web-based development environments. The tokens were found across 22 million public projects hosted on Cloud Development Environments (CDEs) such as CodePen, CodeSandbox, JSFiddle, and StackBlitz.
  • Is There More to the Xygeni Compromise? —Multiple connections have been found between the compromise of the Xygeni vulnerability scanner on GitHub and a proxy botnet of hacked ASUS and TP-Link routers. Some of the TP-Link consumer routers have been compromised with Microsocks to enroll them in a residential proxy network. “These routers were also running a custom command-and-control beacon that was named ShadowLink,” Ctrl-Alt-Intel said. “When we analysed the ShadowLink protocol, we found it was identical, down to a shared authentication secret, to the backdoor planted in the Xygeni GitHub Action used for that supply chain attack.”
  • Brazilian Anti-DDoS Firm Behind DDoS Attacks on ISPs —Huge Networks, a Brazilian tech company that specializes in protecting networks from distributed denial-of-service (DDoS) attacks, has been enabling a botnet responsible for massive DDoS attacks against other internet service providers (ISPs) in the country, according to KrebsOnSecurity. The company has since said the malicious activity resulted from an intrusion first detected in January 2026 and claimed it was likely the work of a competitor.
  • Canonical Target of Sustained DDoS Attack —Canonical disclosed its web infrastructure came under a “sustained, cross-border attack,” knocking Ubuntu servers offline for several hours. A pro-Iranian hacktivist group known as the Islamic Cyber Resistance in Iraq, aka 313 Team, claimed responsibility for the attack on Telegram. The websites have since become operational. Last month, the group also disrupted access to the decentralized social media platform Bluesky.
  • New Phishing Kit Bluekit Detailed —A new phishing kit named Bluekit is offering more than 40 templates targeting popular services and includes basic artificial intelligence (AI)-powered features for generating campaign drafts. Available templates can be used to target email accounts (Outlook, Hotmail, Gmail, Yahoo, ProtonMail), cloud and enterprise services (iCloud and Zoho), developer platforms (GitHub), and cryptocurrency services (Ledger). What makes the kit stand out is the presence of an AI Assistant panel that supports multiple models, including Llama, GPT-4.1, Claude, Gemini, and DeepSeek, to help criminals draft phishing emails. It also has support for two-factor authentication, geolocation emulation, antibot cloaking, notifications, spoofing capabilities, voice cloning, and a mail sender. The development once again reinforces the broader trend of crimeware services integrating AI to streamline and scale their operations. Bluekit is the second kit to integrate AI features in as many months. In April 2026, Abnormal Security shed light on a cybercrime platform called ATHR that uses AI vishing agents, credential harvesting panels, and built-in phishing mailers to execute and scale telephone-oriented attack delivery (TOAD) attacks.
  • North Korea Calls U.S. Cyber Threat Claims a Fabrication — North Korea’s foreign ministry rejected U.S. accusations that the country poses a cyber threat, stating the U.S. was spreading false information about a non-existent cyber threat from North Korea for political purposes, per Reuters. The ministry said it “would actively take all necessary measures for defending the interests of the state and protecting the rights and interests of its citizens in cyberspace.”
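
The behaviour chain Flare describes in the PowerShell stealer item above (public IP lookup via api.ipify.org, Telegram Desktop tdata access, Telegram process termination, archive creation, upload through the Bot API sendDocument endpoint) can be correlated per process as a detection. This is an added example, not code from Flare or the original article; the event schema, field names, device names and sample events are hypothetical and constructed, and seeing the request path assumes proxy or TLS-inspection telemetry.

```python
from collections import defaultdict

WINDOW_SECONDS = 300  # look-back from the upload event; a tuning assumption


def _is_ip_lookup(e):
    return e["kind"] == "dns" and e["query"].lower() == "api.ipify.org"


def _is_tdata_access(e):
    if e["kind"] != "file":
        return False
    p = e["path"].lower().replace("/", "\\")
    # Matches both "Telegram Desktop" and "Telegram Desktop Beta" profiles.
    return "telegram desktop" in p and "\\tdata" in p


def _is_telegram_kill(e):
    return e["kind"] == "proc_terminate" and e["target"].lower().startswith("telegram")


def _is_archive_write(e):
    return e["kind"] == "file" and e["op"] == "write" and e["path"].lower().endswith(".zip")


def _is_bot_upload(e):
    return (e["kind"] == "http" and e["dest_host"].lower() == "api.telegram.org"
            and e["path"].lower().endswith("/senddocument"))


STAGES = {
    "ip_lookup": _is_ip_lookup,
    "tdata_access": _is_tdata_access,
    "telegram_kill": _is_telegram_kill,
    "archive_write": _is_archive_write,
    "bot_upload": _is_bot_upload,
}


def classify(event):
    """Return the stage name an event matches, or None."""
    for name, predicate in STAGES.items():
        if predicate(event):
            return name
    return None


def detect(events, window=WINDOW_SECONDS, min_stages=4):
    """Alert when one process uploads via sendDocument after touching tdata
    and showing at least min_stages distinct stages inside the window."""
    by_actor = defaultdict(list)
    for e in events:
        stage = classify(e)
        if stage:
            by_actor[(e["device"], e["pid"])].append((e["ts"], stage))
    alerts = []
    for (device, pid), hits in sorted(by_actor.items()):
        hits.sort()
        for ts, stage in hits:
            if stage != "bot_upload":
                continue
            seen = {s for t, s in hits if ts - window <= t <= ts}
            if "tdata_access" in seen and len(seen) >= min_stages:
                alerts.append({"device": device, "pid": pid, "ts": ts,
                               "stages": sorted(seen)})
                break  # one alert per process is enough
    return alerts


# Constructed sample telemetry (not real data).
TDATA = r"C:\Users\alice\AppData\Roaming\Telegram Desktop\tdata\key_datas"
ZIP = r"C:\Users\alice\AppData\Local\Temp\sample.zip"
SAMPLE_EVENTS = [
    # Full chain from one script host process within a few seconds.
    {"ts": 1000, "device": "WS-014", "pid": 4312, "kind": "dns", "query": "api.ipify.org"},
    {"ts": 1003, "device": "WS-014", "pid": 4312, "kind": "file", "op": "read", "path": TDATA},
    {"ts": 1004, "device": "WS-014", "pid": 4312, "kind": "proc_terminate", "target": "Telegram.exe"},
    {"ts": 1006, "device": "WS-014", "pid": 4312, "kind": "file", "op": "write", "path": ZIP},
    {"ts": 1010, "device": "WS-014", "pid": 4312, "kind": "http",
     "dest_host": "api.telegram.org", "path": "/bot<redacted>/sendDocument"},
    # Benign: a monitoring script that posts status messages to a bot.
    {"ts": 2000, "device": "WS-020", "pid": 777, "kind": "dns", "query": "api.ipify.org"},
    {"ts": 2002, "device": "WS-020", "pid": 777, "kind": "http",
     "dest_host": "api.telegram.org", "path": "/bot<redacted>/sendMessage"},
    # Benign: Telegram reading its own profile directory.
    {"ts": 3000, "device": "WS-031", "pid": 900, "kind": "file", "op": "read", "path": TDATA},
    # Slow variant: early stages fall outside the default window.
    {"ts": 100, "device": "WS-044", "pid": 5120, "kind": "dns", "query": "api.ipify.org"},
    {"ts": 105, "device": "WS-044", "pid": 5120, "kind": "file", "op": "read", "path": TDATA},
    {"ts": 4990, "device": "WS-044", "pid": 5120, "kind": "proc_terminate", "target": "Telegram.exe"},
    {"ts": 4995, "device": "WS-044", "pid": 5120, "kind": "file", "op": "write", "path": ZIP},
    {"ts": 5000, "device": "WS-044", "pid": 5120, "kind": "http",
     "dest_host": "api.telegram.org", "path": "/bot<redacted>/sendDocument"},
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

The slow variant on WS-044 is only caught when the window is widened, which is the trade-off to weigh against false positives when tuning `window`.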

🔧 Cybersecurity Tools

  • Model Provenance Kit → It is a free open-source Python tool from Cisco AI Defense that helps identify if a machine learning model is based on a known base model (like Llama, Mistral, GPT, etc.). It analyzes architecture, tokenizer, and weights to quickly compare two models or check against a database of ~150 popular base models.
  • AutoFyn → It is an open-source tool from SignalPilot Labs that runs Claude AI in self-improving loops to optimize measurable goals. Give it a GitHub repo, a clear task (like security hardening, bug fixing, or performance optimization), and a time budget — it works in sandboxed rounds, tracks progress with real evaluations, learns from failures, and delivers improved code via PRs.

Disclaimer: This is strictly for research and learning. It hasn’t been through a formal security audit, so don’t just blindly drop it into production. Read the code, break it in a sandbox first, and make sure whatever you’re doing stays on the right side of the law.

Conclusion

Stay sharp out there.

The pace of attacks is accelerating, and the margin for delay is shrinking. Patch what you can today, verify your supply chains, tighten SaaS access, and treat every “routine” login or pipeline run as potentially hostile. Small habits now will save major headaches later.

Until next Monday. Keep your defenses tight and your eyes open. The threats won’t wait — neither should we. See you in the next recap.


