News

Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day

The Register - Thu, 30/04/2026 - 11:14
Emergency patches out now for those managing the millions of domains assumed to be affected

Emergency patches are available for a critical vulnerability in cPanel and WHM that allows attackers to bypass authentication and gain root access to servers managed using it. Given that the cPanel and WebHost Manager (WHM) control panels help manage properties for 70 million domains, by some estimates, and the critical severity of CVE-2026-41940 (9.8), the vulnerability is being considered a disaster by those in the security scene. It also affects every single supported version of the software prior to the patch.

For the uninitiated, cPanel and WHM are both Linux-based control panels. The former is used to manage websites, databases, file transfers, email configurations, and domains, while WHM is used for servers. They are both backbones of the internet. Breaking into them would provide an attacker with unfettered access to all the secrets associated with these functions.

Or, as watchTowr put it: "Think of it as the keys to the kingdom, and then the keys to every individual apartment inside the kingdom. If the kingdom were the internet and the apartments were websites. For everything."

Perhaps the worst part is that early signals from defenders, such as KnownHost CEO Daniel Pearson, suggest it may have been exploited as a zero-day for at least 30 days. Or maybe worse still is the nature of the vulnerability itself – that attackers can gain root access while bypassing all kinds of authentication – a feat worthy of the near-maximum CVSS. The vulnerability also affects WP Squared, a WordPress hosting platform owned by cPanel.

Successfully exploiting CVE-2026-41940, which can be summarized as a carriage return line feed (CRLF) flaw – meaning the attacked application does not properly sanitize user-supplied input – involves just a few steps. An attacker creates a session cookie by completing a failed login attempt and then sends a request with a specially crafted header containing an instruction to change privileges to root. They can then use that cookie to log into cPanel and WHM as root. In normal scenarios, cPanel would encrypt attacker-supplied values, but in unpatched versions, attackers can remove a hex value and stop this process from running, allowing the plaintext make-me-root commands to pass through like any other trusted code.

That is a high-level, concise summary of the procedure. For those who want the winding tale of how the experts figured out the attack path, watchTowr published its workflow in its typical tongue-in-cheek style.

The prevailing advice is that if you run cPanel and WHM, get patching ASAP. This is a bad one, and given the likelihood of zero-day exploitation, running cPanel's detection script can help defenders understand whether it's just a patch they need, or if it's pull-the-cables-out time. watchTowr also published its own detection artefact generator to help defenders sniff out signs of compromise. ®
Categories: News

Britain's £6B armoured sickener Ajax cleared for duty despite injuring troops

The Register - Thu, 30/04/2026 - 09:45
Investigation finds no single cause for soldiers falling ill, just bad bolts, cold air, and apparently the soldiers themselves

Britain's notorious Ajax armored vehicles are being accepted back from the manufacturer after investigations found no single cause for the symptoms plaguing crews, meaning soldiers will need to grin and bear it.…

Categories: News

Finance company stores DB credentials in helpfully labeled spreadsheet

The Register - Thu, 30/04/2026 - 09:00
Great idea, guys. Let's keep all of the data in an Excel file with weak password protection

PWNED Welcome, once again, to PWNED, the weekly column where we recount the adventures of IT explorers who found their own pile of quicksand and then jumped right into it. This week's story involves keeping sensitive information in a very vulnerable place and then not protecting it adequately.

The tale comes to us courtesy of Stanislav Kazanov, head of strategic practices at Innowise, a software development firm. A few years ago Kazanov and his group were hired to perform compliance and data architecture audits on a fintech startup where execs had invested more than $1 million to develop a "military grade" security system complete with biometric MFA, endpoint detection, and a ton of physical security.

During the audit, Kazanov logged onto the company's SharePoint site and found a folder called "DevOps_Handoff" on the company-wide intranet that any employee could access. Within that folder was a spreadsheet with the very obscure and deceptive filename Prod_DB_Root_Creds_DO_NOT_SHARE.xlsx. Clearly, this naming convention would throw off any would-be hackers.

On the bright side, the Excel file was password-protected. So, at least there's that, but was there really that much protection? When Kazanov asked the lead engineer for the password, he was so embarrassed that he looked at his feet and mumbled the answer: "It's the [company name] + [year]." We don't know the actual name of the company, but let's just say it was Contoso. The password would therefore be contoso2026. That's not exactly "admin123" but it's close enough to guess.

The lead engineer explained to Kazanov the reason for the file's existence. Apparently, the internal DevOps team and an external DBA team had a disagreement about which enterprise-grade password manager to use. To "temporarily" solve this disagreement, they dumped the root DB credentials and master AWS IAM keys into this spreadsheet, which had existed for a whopping eight months at the time our hero found it.

Our story ends here. We assume this problem was resolved after Kazanov's intervention and before tragedy struck. However, it shows that disagreements over how to secure resources can lead to dangerous compromises. In this case, the internal DevOps team should have had the final say over what password manager the contractors and they would use. At no point should they have allowed this conflict to result in putting the secrets into a spreadsheet, even if the spreadsheet had strong password protection.

The most basic principle of cybersecurity is to give individual access and credentials to only those who really need it. But here the file was on an intranet that was accessible to all employees and even contractors like Kazanov. Since this was a fintech firm, the data involved could have related to millions or even billions of dollars of people's money. This is a serious situation and anyone who is this sloppy with security doesn't deserve to handle a dime in assets or transactions.

Have a story about someone leaving a gaping hole in their network? Share it with us at pwned@sitpub.com. Anonymity available upon request. ®
Categories: News

Linux cryptographic code flaw offers fast route to root

The Register - Thu, 30/04/2026 - 01:01
Patches land for authencesn flaw enabling local privilege escalation

Developers of major Linux distributions have begun shipping patches to address a local privilege escalation (LPE) vulnerability arising from a logic flaw. The newly disclosed LPE, dubbed Copy Fail (CVE-2026-31431), comes from a vulnerability in the Linux kernel's authencesn cryptographic template.

"An unprivileged local user can write four controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root," the writeup from security biz Theori explains. The kernel reads the page cache when it loads a binary, so modifying the cached copy amounts to altering the binary for the purpose of program execution. But doing so doesn't trigger any defenses focused on file system events like inotify.

The proof of concept exploit is a 10-line, 732-byte Python script capable of editing a setuid binary to gain root on almost all Linux distributions released since 2017. Copy Fail is similar to other LPE bugs such as Dirty Cow and Dirty Pipe, but its finders claim it doesn't require winning a race condition and it's more broadly applicable.

It's not remotely exploitable on its own – hence LPE – but if chained with a web RCE, malicious CI runner, or SSH compromise, it could be relevant to an external attacker. The bug is of most immediate concern to those using multi-tenant Linux systems, shared-kernel containers, or CI runners that execute untrusted code. According to Theori, the vulnerability also represents a potential container escape primitive that could affect Kubernetes nodes, because the page cache is shared across the host.

Linux distros Debian, Ubuntu, and SUSE have issued patches for the problem, as have overseers of other distros. Red Hat initially said it was going to defer the fix but later changed its guidance to indicate it will go along with other distros and patch promptly. The CVE has been rated High severity, 7.8 out of 10.

Theori researcher Taeyang Lee identified the vulnerability, with the help of the company's AI security scanning software, Xint Code. The number of bug reports has surged in recent months, helped by AI-powered flaw-finders. Microsoft just reported the second largest number of patches ever. Dustin Childs, head of threat awareness for Trend Micro's Zero Day Initiative, expects this is due to security teams using AI to hunt bugs.

"There are many things we could speculate on to justify the size, but if Microsoft is like the other programs out there (including ours), they are likely seeing a rise in submissions found by AI tools," he wrote earlier this month. AI-assisted vulnerability research recently prompted the Internet Bug Bounty (IBB) program to suspend awards until it can understand how to manage the growing volume of reports. ®
Categories: News

Researchers move in the right direction, develop powerful GPS interference alarm

The Register - Wed, 29/04/2026 - 21:11
ORNL says portable detector kit can separate real GPS signals from fake ones even at equal strength

GPS spoofing, which sends fake satellite-like signals, and GPS jamming, which drowns receivers in noise, are increasingly serious problems. Researchers at Oak Ridge National Laboratory in Tennessee have created what they say is the most effective system yet for detecting GPS interference, which could help blunt such attacks.

ORNL said Wednesday that a group of boffins led by researcher Austin Albright has developed a new portable device that can detect both spoofing, which sends fake signals that mimic GPS satellite signals to provide bad location data, and jamming, which simply floods GPS receivers with noise. The device can operate from a vehicle to detect attacks on commercial trucks and warn drivers, the lab said, and tests with the US Department of Homeland Security suggest it's sensitive enough to outperform industry-developed systems that already exist.

That sensitivity would be notable enough, but ORNL said that the device is able to do something else that no known GPS interference detector can: It's able to detect spoofing even when fake and real signals are equally strong.

The ORNL device also operates entirely independently of GPS: It doesn't even have a GPS-specific receiver or knowledge of expected GPS signals, according to the lab. Instead, it consists of just a couple of well-known pieces of equipment, namely a software-defined radio and an embedded GPU, and what ORNL said is a new mathematical radio frequency analysis method to separate legit signals from malicious ones. The GPU's role is simply to perform the math in real time to detect spoofs or jams.

"Trucking needs a solution that works without special conditions or dependence on a trusted reference source," Albright said of the new device in ORNL's writeup. "Ours is the best in the world."

With the successful testing of the device completed, Albright and his team are now looking at ways to make the thing cheaper to produce, which we can imagine might include replacing the GPU with something less in-demand by the AI industry.

GPS spam: Not just a problem for planes

We've reported plenty on GPS spoofing and jamming at The Register, but most of our writing on the topic has focused on aviation, with issues like GPS spoofing rampant at multiple airports in India, disrupting a flight carrying European Commission President Ursula von der Leyen, and generally rising to the level of being a serious flight safety concern for aviators around the world.

ORNL acknowledged the problem of GPS interference in aviation in its writeup, and while the device could potentially help detect attacks against aircraft, the lab's immediate focus appears to be protecting truckers moving goods across the US. As an example, ORNL pointed to an incident last year in which two tractor-trailer loads of tequila from a brand co-founded by celebrity chef and Flavortown mayor Guy Fieri and former Van Halen singer Sammy Hagar were stolen. GPS spoofing was used during the crime to keep those waiting for the estimated 24,000 bottles from getting suspicious that the trucks weren't on course.

Some of the booze was eventually recovered in California (it was supposed to be delivered to Pennsylvania), but not before Fieri said the company had to lay people off due to the losses.

While stolen tequila is bad, the same attacks could also be used to waylay or misdirect shipments carrying everything from personal packages to nuclear materials and other essential goods. "Everyone uses cargo monitoring with GPS tracking, whether for your personal packages, your pizza, or nuclear materials," Albright said, adding that the device would act like any other sort of alarm to alert a driver that something's amiss.

"Like a carbon monoxide alarm alerts you to an invisible danger, spoofing detection is critical to alerting us to a new invisible danger," Albright said. Drivers with one of the ORNL devices, for example, could get an alert, "know something bad is happening and call someone," potentially protecting the driver, their shipment, and people who would be harmed by its loss.

We reached out to ORNL to learn more about the future of the project, but the lab wasn't able to meet our deadline. ®
Categories: News

Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack

The Register - Wed, 29/04/2026 - 20:15
Second try's a charm?

Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are exploiting a zero-click Windows flaw that can expose sensitive information on vulnerable systems. While we don't know who is attacking this one, tracked as CVE-2026-32202, we'd suggest betting it all on Putin's goons. The flaw stems from an incomplete fix for an earlier vulnerability found and abused by Russian spies a month before Redmond released a patch.

The new bug, CVE-2026-32202, is an authentication coercion flaw in Windows Shell that can expose sensitive information on vulnerable systems via network spoofing. "An attacker who successfully exploited the vulnerability could view some sensitive information," Redmond warned when it disclosed the CVE on April 14.

On Monday, the Windows giant marked the bug as "exploitation detected." The next day, CISA added CVE-2026-32202 to its Known Exploited Vulnerabilities catalog, and set a May 12 deadline for federal agencies to fix the flaw.

The Register reached out to Microsoft about the scope of exploitation, who is responsible for the attacks, and what they are doing with the illicit access. We will update this story if we receive any response.

Microsoft credited Akamai senior security researcher Maor Dahan with finding and reporting CVE-2026-32202, and in Dahan's write-up, he says an incomplete patch for CVE-2026-21510 created the newer vuln. Redmond attempted to patch CVE-2026-21510 in February. It was one of six actively exploited zero-days disclosed during that month's Patch Tuesday, and Akamai detected Russia's APT28 (also known as Fancy Bear) exploiting that security hole in January.

According to Akamai, citing Ukraine's Computer Emergency Response Team, APT28 exploited CVE-2026-21510 in attacks against Ukraine and European Union countries. These attacks began with a phishing email, purporting to be from Ukraine's hydro-meteorological center, that contained a weaponized LNK file to exploit another vulnerability, CVE-2026-21513. By chaining CVE-2026-21513 with CVE-2026-21510, the Russian spies bypassed Microsoft security features including Defender SmartScreen and remotely executed malicious code on victims' computers. Microsoft fixed both of these CVEs on February's Patch Tuesday.

However, "while Microsoft's fix successfully prevented the initial remote code execution (RCE) and SmartScreen bypass, it left behind a zero-click authentication coercion vulnerability," Dahan wrote, adding that he and his fellow Akamai bug hunters found CVE-2026-32202 while testing the February patches. "While testing the patch, we noticed something interesting: The victim machine was still authenticating to the attacker's server," he said.

As Dahan explains, the security hole can be abused to send the victim's Net-NTLMv2 hash (authentication data) to the attacker, thus allowing the digital intruder to authenticate as the user, steal sensitive data, and snoop around on the victim's network. "This gap between path resolution and trust verification left a zero-click credential theft vector via auto-parsed LNK files," he wrote. ®
Categories: News

Legacy TLS tour continues with Exchange Online blocking old versions from July 2026

The Register - Wed, 29/04/2026 - 19:35
Microsoft readies the axe once again for yesterday's security

Microsoft has warned users still clinging to legacy TLS versions that the end is nigh for TLS 1.0 and 1.1 on POP3 and IMAP4 connections to Exchange Online. Redmond warned, "We will start to block legacy version connections starting in July 2026."

The move is long overdue, and the Windows giant has been warning users for years that it was coming. Support for TLS 1.0 and 1.1 in Exchange Online ended in 2020. In 2023, Microsoft announced plans to disable those older TLS versions for POP3 and IMAP4 clients in the name of compliance and security, but acknowledged that there was a "significant" number of POP3/IMAP4 clients that didn't support TLS 1.2 or later, and so added an endpoint for clients to opt to keep using the legacy protocols. It was, however, very much an opt-in thing, and in July 2026, the time will run out.

Transport Layer Security (TLS) dates back decades. TLS 1.0 was published in 1999, and 1.1 in 2006. Both were deprecated in 2021, and Microsoft stated that they "are no longer considered secure." However, Microsoft is also famous for backward compatibility, and has historically taken a very cautious approach when it comes to switching off services that might make its corporate customers shriek. Hence, Redmond kept the lights on for TLS 1.0 and 1.1, even considering the inherent insecurity of the technology.

Microsoft expects minimal impact from the change. The company wrote, "Modern email clients and libraries already support TLS 1.2 or higher. And the vast majority of POP and IMAP traffic to Exchange Online today uses these newer protocols."

Google Workspace still supports TLS 1.0 and 1.1, according to its documentation, although it would be prudent for users to select a more recent protocol, assuming that their client supports it. However, Google's browser tentacle, along with the likes of Firefox and Edge, announced in 2018 that the legacy protocols were not long for this world.

The Exchange Online switch-off for TLS 1.0 and 1.1 has been a long time coming, but there could still be disruption despite the protocols' relatively low usage. Legacy devices or software, for example, might stop working as connections fail. As far as Microsoft is concerned, "Our expectation is that only customers who have explicitly opted into using those legacy endpoints are impacted by the deprecation."

So, anyone using Exchange Online who opted into the legacy protocols should check how their email clients are connecting, or risk summer support calls if things start failing in July. ®
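The check suggested above can be scripted. The following is an added example, not Microsoft's guidance or code: it pins a client handshake to a single TLS version to see whether a POP3/IMAP4 endpoint still negotiates TLS 1.0 or 1.1, and shows the hardened client context a modern mail client should be using. The hostname and port are parameters supplied by the caller; the verdict strings and the `probe_legacy` helper are assumptions made for this example.

```python
# Added example: which TLS versions does a mail endpoint still accept?
# Not Microsoft's code; hosts are caller-supplied, nothing is assumed about
# any particular server.
import socket
import ssl
import sys

# The two versions Exchange Online is dropping for POP3/IMAP4 in July 2026.
LEGACY = {"TLSv1.0": ssl.TLSVersion.TLSv1, "TLSv1.1": ssl.TLSVersion.TLSv1_1}


def hardened_client_context() -> ssl.SSLContext:
    """Client context a modern mail client should use: TLS 1.2+ with
    certificate and hostname verification left on."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_is_hardened(ctx: ssl.SSLContext) -> bool:
    """True if the context refuses TLS < 1.2 and still verifies the peer."""
    return (ctx.minimum_version >= ssl.TLSVersion.TLSv1_2
            and ctx.verify_mode == ssl.CERT_REQUIRED
            and ctx.check_hostname)


def probe_version(host: str, port: int, version: ssl.TLSVersion,
                  timeout: float = 5.0) -> str:
    """Attempt one handshake pinned to exactly `version`.

    Verification is switched off on purpose: the question is only whether
    the server negotiates the version, not whether its certificate is valid.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        ctx.minimum_version = version
        ctx.maximum_version = version
    except (ssl.SSLError, ValueError):
        return "unsupported by local client library"
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return f"accepted ({tls.version()})"
    except ssl.SSLError as err:
        # OpenSSL built at a high security level refuses TLS 1.0/1.1 locally,
        # which would otherwise look like a server-side rejection.
        if "no protocols available" in str(err):
            return "unsupported by local client library"
        return "rejected by server"
    except OSError as err:
        return f"unreachable: {err}"


def probe_legacy(host: str, port: int = 993) -> dict[str, str]:
    """Probe both legacy versions against one endpoint (993 = IMAPS)."""
    return {name: probe_version(host, port, ver) for name, ver in LEGACY.items()}


def legacy_versions_accepted(results: dict[str, str]) -> list[str]:
    """Names of legacy versions the endpoint still negotiated."""
    return [name for name, outcome in results.items()
            if outcome.startswith("accepted")]


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "imap.example.invalid"
    port_arg = int(sys.argv[2]) if len(sys.argv) > 2 else 993
    outcome = probe_legacy(target, port_arg)
    for name, verdict in outcome.items():
        print(f"{name}: {verdict}")
    still = legacy_versions_accepted(outcome)
    print("legacy still accepted:", still or "none")
```

Run it as `python probe_tls.py <host> [port]` (995 for POP3S, 993 for IMAPS). A result of "unsupported by local client library" means the probing machine itself can no longer speak that version, so any client on that machine cannot be affected by the cut-off either.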
Categories: News

Yet another experiment proves it's too damn simple to poison large language models

The Register - Wed, 29/04/2026 - 18:00
Unlike search engines that let you judge competing sources, search-backed AI chatbots can turn shaky web material into confident answers. Case in point: A security engineer convinced several bots that he was the reigning world champion of a popular German card game, even though no such championship exists.

If you were to check Wikipedia up until the end of last week, you would have seen Ron Stoner listed on the page for 6 Nimmt!, also known as Take 5 to English-speaking audiences, as the 2025 world champion. The Wikipedia entry cited the official-looking 6nimmt.com as the source for the claim, and visiting that URL does reveal a short press release celebrating Stoner's victory.

The only problem with the whole thing is that Stoner says he created both the Wikipedia entry about his victory and the 6 Nimmt! domain hosting the only evidence of it, but that still didn't stop several AI chatbots from telling him he was the world champ when he asked. "My site has no independent corroboration. It's totally made up," Stoner said in the blog post. "The whole house of cards rests on a $12 domain registration I did while drinking coffee."

In other words, this is poisoning at the retrieval-augmented generation layer. Not prompt injection, but targeting the same plane of AI functionality, namely the one that searches the web.

As he explains, and many El Reg readers are likely already aware, AI doesn't really care about the provenance of the sources it cites as authority for its claims, and that's the very thing Stoner sought to exploit when he concocted his experiment.

"Every frontier LLM with web search grounds its answers in whatever retrieval ranks highest for a given query," Stoner wrote. In the case of the nonexistent 6 Nimmt! championship, his planted source was the only one, and with Wikipedia lending apparent authority, it became a sure-fire way to fool an AI into presenting falsehood as fact – a trick simple enough for non-technical users to pull off.

"I didn't do anything novel here. This is old school SEO and misinformation tactics wrapped in new LLM technology and interfaces," Stoner told The Register in an email. "What's changed is that AI now serves these results as authoritative, and most users have no idea how the data pipeline works behind the scenes."

A Large Language Mess

"The thing LLMs are worst at detecting is the thing they're designed to do, which is trust text and resources," Stoner argues in his writeup. "The answer is not 'the model will figure it out,' as the model cannot tell a real source from one I registered last Tuesday. Or how many R's are actually in the word 'strawberry.'"

The problem Stoner exposes in his experiment, he explains, involves three separate failure modes that could be exploited for more damaging ends than inventing a card-game championship. First, there's the retrieval layer, which can immediately cause an LLM to spit out bad data, as "any LLM that grounds answers in web search inherits the trustworthiness of whatever ranks for a given query."

Second is model training corpora, which Stoner said his edit could enter if the Wikipedia change remained live long enough to be scraped. The entry was removed as of last Friday when he published his post, but he made the addition in February 2025, meaning any AI firm that scraped Wikipedia during that window could have picked up his fictional victory in its training data. "Even if the Wikipedia edit is reverted later, any model trained on the pre-revert dump still carries my legacy," Stoner said in his post. "The cleanup problem for corpus poisoning is genuinely unsolved as of 2026." Stoner told us he plans to check this in six months or so, once new models have been released, and if it returns his championship without needing to go online, that's proof his lie made it into training data.

Then there are AI agents, which Stoner says are where the real money is for anyone with malicious intent. "Chat models producing bad information is a reputational problem. Agents with tool access producing bad actions is a security problem," he noted. Poisoning an agent-retrieved source would let an attacker specify the action they want an agent to take, says Stoner.

"This attack and test was a $12 domain, a single Wikipedia edit, and about twenty minutes of my time," Stoner concluded in his blog. "Scale that up with a motivated adversary, a handful of seeded domains, a coordinated edit campaign across a dozen low traffic articles, and the attack surface gets interesting very quickly."

Stoner told us that retrieval poisoning is something LLM providers need to address and warn users about, and that he expects AI chatbots to start incorporating some sort of warning, especially for RAG-sourced results, in the near future. He hopes that AI firms will make data provenance a key component of their process, and also wants recent web content heuristically filtered to account for suspicious patterns that would have easily been caught in the 6 Nimmt! case: A single citation pointing to a domain that was registered within a short window of the Wikipedia update should have sounded alarms, but it didn't.

The championship was fake, and it's now gone from Wikipedia and RAG responses as well, but Stoner notes the bad trust pattern that made it work is absolutely real and a looming problem for AI makers. "I'm happy my article is spurring discussion about LLMs, sources, trust, and how all of this works," Stoner told us. "That was my goal and it appears I've achieved it." ®
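The provenance heuristic Stoner describes (a single citation whose domain was registered shortly before the claim it supports appeared, with no independent corroboration) is straightforward to express in code. The block below is an added example, not Stoner's code or any provider's pipeline: the `Source` and `Claim` records, the 90-day window, the flag wording and the two sample claims are all constructed for this illustration. In a real pipeline the registration dates would come from WHOIS/RDAP lookups and the corroboration counts from a crawl.

```python
# Added example: demoting poorly-provenanced retrieval results before they
# reach the model. Data classes, thresholds and sample records are assumptions
# made for this illustration, not anyone's production logic.
from dataclasses import dataclass, field
from datetime import date


@dataclass
class Source:
    url: str
    domain_registered: date          # would come from WHOIS/RDAP in practice
    independent_corroborations: int  # other sources not controlled by the same party


@dataclass
class Claim:
    text: str
    asserted_on: date                # e.g. the date the encyclopaedia edit was made
    sources: list[Source] = field(default_factory=list)


def provenance_flags(claim: Claim, window_days: int = 90) -> list[str]:
    """Human-readable reasons to distrust how a claim is grounded."""
    flags: list[str] = []
    if len(claim.sources) <= 1:
        flags.append("single citation")
    for src in claim.sources:
        age_days = (claim.asserted_on - src.domain_registered).days
        # A domain that appeared just before the claim it backs is the pattern
        # the article describes: registration and edit in one short window.
        if age_days < window_days:
            flags.append(f"{src.url}: domain registered {age_days} days before the claim")
        if src.independent_corroborations == 0:
            flags.append(f"{src.url}: no independent corroboration")
    return flags


def rank_for_grounding(claims: list[Claim]) -> list[tuple[Claim, list[str]]]:
    """Order candidate claims so the least-flagged are offered to the model
    first; flagged ones are kept, with their reasons, so a UI can warn."""
    scored = [(claim, provenance_flags(claim)) for claim in claims]
    return sorted(scored, key=lambda pair: len(pair[1]))   # stable sort


# Constructed sample records (not real domains or dates).
PLANTED = Claim(
    "Example Person is the 2025 world champion of a card game",
    asserted_on=date(2025, 2, 10),
    sources=[Source("https://championship.example/press", date(2025, 2, 3), 0)],
)
CORROBORATED = Claim(
    "The publisher hosts the game's official rules",
    asserted_on=date(2020, 6, 1),
    sources=[
        Source("https://publisher.example/rules", date(1998, 4, 12), 4),
        Source("https://archive.example/review", date(2001, 9, 30), 2),
    ],
)


if __name__ == "__main__":
    for claim, flags in rank_for_grounding([PLANTED, CORROBORATED]):
        print(claim.text, "->", flags or "no flags")
```

The ranking keeps flagged results rather than dropping them, which matches the article's suggestion of warnings on RAG-sourced answers: the model or its UI can say why a source is weak instead of silently presenting it as authoritative.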
Categories: News

CISA flags data-theft bug in NSA-built OT networking tool

The Register - Wed, 29/04/2026 - 16:35
GrassMarlin leaks sensitive information, provided your targeting phishing skills are sharp enough

The Cybersecurity and Infrastructure Security Agency (CISA) is warning anyone who uses GrassMarlin, a tool developed by the National Security Agency (NSA), about a new vulnerability that attackers can use to snoop on sensitive information. First reported by Grady DeRosa, senior industrial pentester at Dragos, the weak spot affects all versions of GrassMarlin, a tool developed and open-sourced by the NSA to support network security at critical infrastructure organizations, industrial control systems, and SCADA networks.

GrassMarlin went EOL in 2017, so there are no fixes in the works. CISA simply recommends ensuring that control systems and devices are not accessible from the open internet, that control system networks and devices are firewalled and isolated from business networks, and that remote access is established securely.

CISA did not – in typical fashion – offer too many details regarding CVE-2026-6807 (5.5), but confirmed that successful exploits could lead to sensitive information being disclosed. However, in an advisory published on Tuesday, it said: "The flaw stems from insufficient hardening of the XML parsing process."

These types of attacks (CWE-611) affect products that process XML files. GrassMarlin primarily uses the XML format to save session files, using many files to save different kinds of data, including lists of nodes and edges, node positioning, colors, and session metadata, before bundling them into a ZIP archive and saving them using a .gm3 extension. Often referred to as XML External Entity (XXE) attacks, these typically involve tricking a system owner into parsing a maliciously crafted XML file that has been tampered with to exfiltrate data.

This is a general overview of how XXE attacks play out. CISA did not define how CVE-2026-6807 could be exploited specifically. Anna Quinn, penetration tester at Rapid7, however, worked up a public proof-of-concept exploit and posted it to GitHub.

"Looking at the code for Grassmarlin, I determined that the likely vulnerable parameters had to do with the XML files ingested when opening stored sessions," Quinn wrote. "By crafting malicious requests I discovered I could induce an error in the message console within Grassmarlin. The cause and content of the error was properly stripped from all logs and output within Grassmarlin.

"However, OOB exfiltration of arbitrary files was possible by referencing an external host in the DTD. Some caveats did appear to apply, newer versions of Java could not be used on the system, meaning that Grassmarlin had to use the version of Java bundled in the installer. Additionally, many types of input would cause errors which would impede the exfil process. To bypass this, the content would be converted to base64 and then sent across multiple message chunks."

In a separate post on LinkedIn, Quinn noted that the bug won't pose too much of a threat to most organizations, and that it can only realistically be exploited via phishing – either between local users or external emails. ®
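Because there is no fix coming, a defender's practical option for an unfixable XML consumer is to inspect session files before the application opens them. The block below is an added example and is not GrassMarlin's code: it unpacks a .gm3-style ZIP, walks its XML members, and reports any DOCTYPE or entity declaration (the mechanism XXE relies on, "referencing an external host in the DTD" as Quinn put it) using expat's declaration callbacks. The archive it scans is constructed in memory, with member names chosen for this example; the assumption that plain session data has no legitimate need for a DTD is stated in the code.

```python
# Added example, not GrassMarlin's code: flag DTD/entity declarations in the
# XML members of a .gm3-style ZIP session archive before a real parser
# ingests them. The sample archive below is constructed in memory.
import io
import zipfile
import xml.parsers.expat as expat


def dtd_findings(xml_bytes: bytes) -> list[str]:
    """List DOCTYPE and ENTITY declarations found in one XML document.

    expat only fetches an external entity or DTD when an
    ExternalEntityRefHandler is installed; none is installed here, so the
    inspection itself never touches the network or the filesystem.
    """
    findings: list[str] = []

    def on_doctype(name, sysid, pubid, has_internal_subset):
        if sysid or pubid:
            findings.append(f"external DTD for <{name}>: {sysid or pubid}")
        elif has_internal_subset:
            findings.append(f"internal DTD subset for <{name}>")

    def on_entity(name, is_param, value, base, sysid, pubid, notation):
        kind = "parameter" if is_param else "general"
        if sysid or pubid:
            findings.append(f"external {kind} entity {name!r} -> {sysid or pubid}")
        else:
            findings.append(f"internal {kind} entity {name!r}")

    parser = expat.ParserCreate()
    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    try:
        parser.Parse(xml_bytes, True)
    except expat.ExpatError as err:
        findings.append(f"malformed XML: {err}")
    return findings


def scan_session(gm3_bytes: bytes) -> dict[str, list[str]]:
    """Map every .xml member of the archive to its findings."""
    report: dict[str, list[str]] = {}
    with zipfile.ZipFile(io.BytesIO(gm3_bytes)) as archive:
        for member in archive.namelist():
            if member.lower().endswith(".xml"):
                report[member] = dtd_findings(archive.read(member))
    return report


def safe_to_open(gm3_bytes: bytes) -> bool:
    """Assumption: plain session data (nodes, edges, positions, colours,
    metadata) never needs a DTD, so any declaration at all is a red flag."""
    return not any(scan_session(gm3_bytes).values())


def build_sample_gm3() -> bytes:
    """Constructed archive: one clean member, one declaring an external entity,
    and one non-XML member that the scanner should ignore."""
    clean = b'<?xml version="1.0"?><nodes><node id="1" addr="10.0.0.5"/></nodes>'
    hostile = (b'<?xml version="1.0"?>'
               b'<!DOCTYPE edges [<!ENTITY ext SYSTEM "http://dtd.example.invalid/x.dtd">]>'
               b'<edges/>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("nodes.xml", clean)
        archive.writestr("edges.xml", hostile)
        archive.writestr("meta.txt", b"not xml")
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_gm3()
    for member, found in scan_session(sample).items():
        print(member, "->", found or "clean")
    print("safe to open:", safe_to_open(sample))
```

To check a real file, replace `build_sample_gm3()` with the bytes of the .gm3 read from disk. The scanner reports the declaration rather than the entity's use, so it catches a hostile DTD even when the reference that would trigger retrieval sits elsewhere in the document.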
Categories: News

GitHub: Zounds, a genuinely helpful AI-assisted bug report that isn't total slop! Here, Wiz, take this wad of cash

The Register - Wed, 29/04/2026 - 14:02
Wiz researchers are set for a tidy payday thanks to their discovery of a high-severity flaw in GitHub's git infrastructure that handed remote attackers full read/write access to private GitHub repositories using a single command. In disclosing the bug this week, the Google-owned security shop also said its findings could represent a turning point in the way vulnerabilities are discovered in closed source software. Wiz published its findings related to CVE-2026-3854 (8.8) on Tuesday. The company's researchers have tinkered with GitHub for two years but throughout this time, reverse-engineering it was seen as too great a task, given the scale of its internal binaries. They used Claude Code to take a lot of the legwork out of the process, and were able to go from idea to working exploit in less than 48 hours. "By leveraging AI-augmented tooling, particularly automated reverse engineering using IDA MCP, we were able to do what was previously too costly," Wiz blogged. "Using AI, we rapidly analyzed GitHub's compiled binaries, reconstructed internal protocols, and systematically identified where user input could influence server behavior across the entire pipeline.  "Thanks to this new capability, we found a fundamental flaw in how that input flows through GitHub's multi-service architecture." Wiz said that in the pre-AI days, findings of this kind would have taken months' worth of manual analysis by those with extensive experience. It is carried out more quickly and easily using generic AI tools – a boon to both defenders and attackers. The bug explained Wiz has the full technical rundown of how the vulnerability works, but it is concisely summarized as a flaw in how GitHub's internal services blindly trust user inputs when processing push requests. Push options are an intentional feature of the git protocol designed to send key-value strings to a server. These options are packaged into internal X-Stat HTTP headers that are passed between services. 
However, the vulnerability exploited the way in which user-supplied push option values were blindly trusted and incorporated into the internal metadata of a push request. Crucially, the metadata here is separated by a delimiter character – a null byte – which users could also type into push options. An attacker could abuse this delimiter character in their push command to trick a server into accepting it as a trusted internal value.

Wiz originally tested the vulnerability on GitHub Enterprise Server (GHES), and found that an additional injection into an X-Stat field ensured the same exploit chain worked on GitHub.com too.

GitHub's response

As Wiz noted, GitHub responded to its disclosure and issued fixes for the vulnerability within six hours, as well as implementing additional hardening measures to prevent similar vulnerabilities from being as impactful in the future, should they manifest. It also confirmed that no attacker had ever carried out the attack on GitHub.com, although it advised GHES customers to check their access logs for signs of abuse.

Alexis Wales, GitHub's CISO, thanked Wiz for the discovery and said it is rewarding the team with one of the biggest-ever payouts in the history of GitHub's bug bounty program. "GitHub greatly appreciates the collaboration, professionalism, and partnership that Wiz has shown throughout this process," she said.

"A finding of this caliber and severity is rare, earning one of the highest rewards available in our bug bounty program, and serves as a reminder that the most impactful security research comes from skilled researchers who know how to ask the right questions.

"As the landscape evolves, these close partnerships with talented hunters and researchers are more important than ever."
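The failure mode described above is a classic delimiter-injection bug: a user-controlled value is serialized into the same delimiter-separated record as trusted fields, so a value that contains the delimiter is parsed downstream as extra trusted fields. The following is an added illustration, not Wiz's or GitHub's code, and the NUL-delimited `key=value` record, the field names and the `pushopt` option are all constructed for the example rather than taken from GitHub's real X-Stat format. It shows the naive serializer beside a hardened one that rejects control characters at the trust boundary, plus a stricter parser that refuses to let a duplicated trusted key silently win.

```python
"""
Hypothetical NUL-delimited metadata record, constructed to illustrate the class
of bug the article describes (user-supplied push options serialized into the
same delimiter-separated record as trusted fields). Not GitHub's real format.
"""
from __future__ import annotations

DELIM = "\x00"                      # record separator a downstream service splits on
TRUSTED_KEYS = {"user", "repo", "role"}  # hypothetical fields only the server sets


def pack_metadata_naive(trusted: dict[str, str], push_options: list[str]) -> str:
    """'Before': push option values are concatenated verbatim.

    Anything the user types, including DELIM itself, lands in the record
    unchanged, so one option value can become several extra fields.
    """
    fields = [f"{k}={v}" for k, v in trusted.items()]
    fields += [f"pushopt={opt}" for opt in push_options]
    return DELIM.join(fields)


def parse_metadata_naive(record: str) -> dict[str, str]:
    """A downstream consumer that splits on DELIM and lets later keys win."""
    parsed: dict[str, str] = {}
    for field in record.split(DELIM):
        key, _, value = field.partition("=")
        parsed[key] = value
    return parsed


class InvalidPushOption(ValueError):
    """Raised when a push option could corrupt the internal record."""


def validate_push_option(opt: str) -> str:
    """Reject any control character (NUL, CR, LF, ...) before serialization."""
    for ch in opt:
        if ord(ch) < 0x20 or ord(ch) == 0x7F:
            raise InvalidPushOption(f"control character U+{ord(ch):04X} in push option")
    return opt


def pack_metadata_hardened(trusted: dict[str, str], push_options: list[str]) -> str:
    """'After': every user-supplied value is validated at the trust boundary."""
    safe_options = [validate_push_option(opt) for opt in push_options]
    fields = [f"{k}={v}" for k, v in trusted.items()]
    fields += [f"pushopt={opt}" for opt in safe_options]
    return DELIM.join(fields)


def parse_metadata_strict(record: str) -> dict[str, list[str]]:
    """Defence in depth on the receiving side: a trusted key may appear only
    once, and repeated keys are collected rather than overwritten."""
    parsed: dict[str, list[str]] = {}
    for field in record.split(DELIM):
        key, _, value = field.partition("=")
        if key in TRUSTED_KEYS and key in parsed:
            raise ValueError(f"duplicate trusted field {key!r} in record")
        parsed.setdefault(key, []).append(value)
    return parsed


# Constructed demonstration values.
TRUSTED = {"user": "alice", "repo": "alice/project", "role": "member"}
INJECTED_OPTION = "ci.skip" + DELIM + "role=admin"   # value that carries the delimiter


def demo() -> dict[str, object]:
    """Run the same injected value through the naive and hardened paths."""
    naive = parse_metadata_naive(pack_metadata_naive(TRUSTED, [INJECTED_OPTION]))
    try:
        pack_metadata_hardened(TRUSTED, [INJECTED_OPTION])
        hardened_rejected = False
    except InvalidPushOption:
        hardened_rejected = True
    try:
        parse_metadata_strict(pack_metadata_naive(TRUSTED, [INJECTED_OPTION]))
        strict_rejected = False
    except ValueError:
        strict_rejected = True
    benign = parse_metadata_strict(pack_metadata_hardened(TRUSTED, ["ci.skip"]))
    return {
        "naive_role": naive["role"],            # the injected field overwrote the trusted one
        "hardened_rejected": hardened_rejected, # serializer refused the value
        "strict_rejected": strict_rejected,     # parser noticed the duplicated trusted key
        "benign_role": benign["role"][0],
        "benign_options": benign["pushopt"],
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The point of keeping both fixes is that they sit on different sides of the service boundary: validating at serialization time stops the delimiter from ever entering the record, while the strict parser makes a collision on a trusted key loud instead of silent if some other producer is ever missed.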
Even though CVE-2026-3854 was given an 8.8 CVSS rating by the National Institute of Standards and Technology (NIST) – one rung down from the top "critical" classification – both Wiz and GitHub view it as more impactful than the severity score suggests. Beyond saying it had given Wiz "one of the highest rewards available in our bug bounty program," the Microsoft-owned code-hosting outfit did not name a figure. Per the rewards guide from GitHub's bug bounty, critical vulnerabilities typically earn researchers between $20,000 and $30,000, although the company is known to issue greater sums for especially impactful flaws. For example, the most lucrative bug to date was reported in 2023, when GitHub awarded $75,000 for a since-patched flaw that had allowed access to the environment variables of a production container. ®
Categories: News

GitHub: Woah, a genuinely helpful AI-assisted bug report that isn't total slop. Here, Wiz, take this wad of cash

The Register - Wed, 29/04/2026 - 14:02
Claude ploughs through months of work in rapid time, helps Wiz researchers nab lucrative award

Wiz researchers are set for a tidy payday thanks to their discovery of a high-severity flaw in GitHub's git infrastructure that handed remote attackers full read/write access to private GitHub repositories using a single command.…

Categories: News

EU waves through open source age-check tool to keep kids safe online

The Register - Wed, 29/04/2026 - 13:03
'Online platforms can rely on our app,' says Commish, 'there are no more excuses'

The European Commission has recommended EU member states adopt an age verification app designed to protect children from harmful online content.…

Categories: News

GoDaddy customer claims registrar transferred 27-year-old domain without any security checks

The Register - Wed, 29/04/2026 - 11:00
32 phone calls, 17 email chains, a 5-day ordeal, and no help during the daddy of all stuffups, claim those affected

GoDaddy is currently investigating claims that it handed complete control of a valid 27-year-old domain to another customer, without requiring them to pass any authentication processes or upload any supporting documents.…

Categories: News
