#vulnerability
// 5 transmissions tagged with #vulnerability
LinkedIn job offer flow contains backdoor vulnerability
A researcher uncovered a backdoor in LinkedIn's job‑offer API that lets attackers bypass validation and pull user data, a flaw confirmed by LinkedIn’s own security advisory.
Red Hat npm packages compromised, users urged to secure dependencies
A GitHub issue reports that several Red Hat npm packages have been compromised, exposing users to potential security risks. Red Hat is investigating and recommends immediate removal or audit of the affected packages.
Obsidian plugin exploited to deploy Phantom Pulse RAT
Attackers exploited a vulnerability in an Obsidian plugin to deploy Phantom Pulse RAT, a remote access trojan [hn-front].
Critical cPanel CVE-2026-41940 enables auth bypass. Patch now.
CVE-2026-41940 in cPanel and WHM allows authentication bypass and remote elevated control. Government and MSP networks are being actively targeted. Patch immediately.
Critical Apache HTTP/2 flaw enables RCE. Patch is 2.4.67.
CVE-2026-23918 is a double-free in Apache HTTP Server's HTTP/2 implementation. RCE is plausible. Upgrade to 2.4.67 or disable HTTP/2 until you can.