U.S. government warns of severe CopyFail bug affecting major versions of Linux
U.S. cybersecurity agency CISA says the CopyFail bug is being actively used in hacking campaigns, and poses a major risk to servers and datacenters that rely on Linux.
Security
Hackers are still exploiting the cPanel bug to gain control of thousands of websites
Days after the disclosure of a critical vulnerability in popular web hosting software cPanel and WHM, hackers keep targeting and hacking websites.
US healthcare marketplaces shared citizenship and race data with ad tech giants
Virginia and Washington, D.C. paused the data collection and sharing, after Bloomberg’s investigation found their health insurance marketplaces were sharing users’ information with advertisers.
5 days only: Bring a partner or colleague and get 50% off a second TechCrunch Disrupt 2026 pass
The BOGO offer is live. For a limited time, buy one pass to TechCrunch Disrupt 2026 and get 50% off a second of the same ticket type. Offer ends this Friday, May 8. Save here.
Severe Linux Copy Fail security flaw uncovered using AI scanning help
Nearly every Linux distribution released since 2017 is currently vulnerable to a security bug called “Copy Fail” that allows any user to give themselves administrator privileges. The exploit, publicly disclosed as CVE-2026-31431 on Wednesday, uses a Python script that works across all of the vulnerable Linux distributions, requiring “no per-distro offsets, no version checks, no […]
Ubuntu services hit by outages after DDoS attack
A group of hacktivists have claimed responsibility for a distributed denial-of-service attack, which has affected several Ubuntu and Canonical websites, and prevented users from updating the Linux-based operating system.
Hackers are actively exploiting a bug in cPanel, used by millions of websites
Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months.
Dental practice software maker fixes bug that exposed patients’ medical records
The security bug is now fixed, but the patient who found it said it was challenging to alert the software company about the issue.
Sri Lanka discloses another missing payment, days after hackers stole $2.5M from its finance ministry
The government of Sri Lanka has lost more than $3 million in two recent, separate cybersecurity incidents as the country continues to recover from its 2022 debt crisis.