From Active Exploitation to Cloud-Native Intrusions: Threat Actors Intensify

The week demonstrated a growing shift toward identity-driven compromise and cloud-native intrusion activity, as threat actors combined authentication bypasses, supply chain manipulation, and credential-focused malware operations to target enterprise platforms, hosting infrastructure, and developer ecosystems at scale.  

During the week, two vulnerabilities affecting Ivanti Endpoint Manager Mobile and BerriAI LiteLLM were added to the CISA KEV catalog following confirmed active exploitation activity. Additional exploitation activity was observed targeting the Burst Statistics plugin for WordPress, GUARDIANWALL MailSuite, and two Linux kernel privilege escalation vulnerabilities collectively tracked as “Dirty Frag” and “Copy Fail 2,” significantly increasing risk across internet-facing and enterprise Linux environments.  

Threat activity further escalated with the threat actor Mr_Rot13 exploiting CVE-2026-41940 in cPanel & WHM deployments to implant the “Filemanager” backdoor across compromised hosting infrastructure. Simultaneously, TeamPCP abused CVE-2026-45321 within the TanStack ecosystem to distribute trojanized npm and PyPI packages as part of the “Mini Shai-Hulud” supply chain campaign. In parallel, SentinelLabs identified the PCPJack malware framework targeting Docker, Kubernetes, Redis, MongoDB, RayML, and exposed web applications through exploitation of CVE-2025-29927, CVE-2025-55182 (“React2Shell”), CVE-2026-1357, CVE-2025-9501, and CVE-2025-48703, enabling credential theft, lateral movement, persistence, and removal of existing TeamPCP infections from compromised cloud environments.

Key points:

• 2 vulnerabilities added to the CISA KEV catalog
• Active exploitations observed in Burst Statistics plugin for WordPress, GUARDIANWALL MailSuite, and Linux Kernel vulnerabilities
• Threat actors leveraging cPanel and WebHost Manager (WHM) instances to deploy backdoor
• TeamPCP actively abused a critical supply chain vulnerability affecting the TanStack ecosystem
• PCPJack Malware Exploits Cloud Infrastructure vulnerabilities

Several high-impact vulnerabilities are currently trending across the cybersecurity community, demanding immediate attention and patch prioritization. Monitoring these emerging and widely discussed threats provides valuable insights, enabling organizations to make informed security decisions and strengthen their overall defense posture.

CVE-2026-6973 - Improper Input Validation vulnerability in Ivanti Endpoint Manager Mobile (EPMM)

An Improper Input Validation vulnerability in Ivanti Endpoint Manager Mobile allowed remotely authenticated administrative users to achieve remote code execution on affected deployments, potentially resulting in full compromise of enterprise mobility management infrastructure and managed device environments. Affecting versions prior to 12.6.1.1, 12.7.0.1, and 12.8.0.1, the vulnerability was actively exploited in a limited number of real-world incidents, according to Ivanti. The advisory established a direct relationship between CVE-2026-6973 and earlier vulnerabilities, CVE-2026-1281 and CVE-2026-1340, indicating that previously compromised administrative credentials could be leveraged to facilitate follow-on exploitation activity. Ivanti emphasized immediate credential rotation and administrative account review, particularly for organizations previously affected by earlier EPMM-related compromises. Additionally, Shadowserver Foundation identified more than 850 internet-exposed EPMM instances, primarily located across Europe and North America, increasing the overall exposure risk. Ivanti resolved the issue in versions 12.6.1.1, 12.7.0.1, and 12.8.0.1, after which the vulnerability was added to the CISA KEV catalog due to active exploitation concerns.

CVE-2026-8181 - Authentication Bypass vulnerability in Burst Statistics plugin for WordPress

An Authentication Bypass vulnerability in the Burst Statistics plugin for WordPress allowed unauthenticated attackers to fully impersonate administrator accounts by supplying arbitrary passwords alongside valid administrator usernames through crafted Basic Authentication requests. Affecting Burst Statistics versions 3.4.0 through 3.4.1.1, the flaw originated within the plugin's integration with the MainWP remote management platform, specifically inside the is_mainwp_authenticated() function, where any non-WP_Error response returned from wp_authenticate_application_password() was incorrectly treated as successful authentication. In scenarios where Application Passwords were disabled, the function returned null rather than an error, causing authentication checks to silently succeed and allowing attackers to invoke wp_set_current_user() to assume administrative privileges for the duration of a request. Successful exploitation enabled complete administrator impersonation and creation of unauthorized administrator-level accounts through WordPress core user endpoints without prior authentication. According to Wordfence, active exploitation activity was observed in the wild, with more than 5,318 attack attempts blocked within a 24-hour period, highlighting the rapid operationalization of newly disclosed WordPress vulnerabilities. The developer resolved the issue by enforcing validation of legitimate WP_User objects before authentication completion, with organizations advised to immediately upgrade to Burst Statistics version 3.4.2 or later to mitigate exposure.

CVE-2026-32661 - Stack-Based Buffer Overflow vulnerability in GUARDIANWALL MailSuite

A Stack-Based Buffer Overflow vulnerability affecting GUARDIANWALL MailSuite, a mail security platform developed by Canon Marketing Japan, enabled remote unauthenticated attackers to execute arbitrary code through specially crafted requests targeting the product’s web service. The vulnerability originated within the pop3wallpasswd command, with exploitation possible when the product was configured to execute pop3wallpasswd using grdnwww user privileges. Active exploitation activity was observed in the wild, significantly increasing the urgency of remediation across both on-premises and cloud-based deployments. Affected versions included GUARDIANWALL MailSuite releases from version 1.4.00 through 2.4.26, as well as GUARDIANWALL Mail Security Cloud environments deployed prior to the April 30, 2026 maintenance cycle. Successful exploitation could result in arbitrary code execution on vulnerable systems, potentially leading to full compromise of mail security infrastructure and associated enterprise communications environments. The vendor released official patches to remediate the vulnerability, while SaaS deployments received automatic mitigation during the April 30 maintenance update. Organizations unable to immediately apply patches were advised to temporarily disable the GUARDIANWALL MailSuite administration interface by stopping the grdn-wgw-work process on the WGW worker server, although the vendor warned that the workaround could significantly impact operational functionality.

CVE-2026-41940 - Missing Authentication for Critical Function vulnerability in WebPros cPanel & WHM and WP2 (WordPress Squared)

A Missing Authentication for Critical Function vulnerability affecting WebPros cPanel & WHM and WP2 (WordPress Squared) allowed unauthenticated remote attackers to bypass the login flow and gain unauthorized access to the control panel environment. The flaw impacted multiple authentication paths due to weaknesses in authentication logic within cPanel’s multi-tier architecture, which managed access to files, databases, email services, and administrative functionality through WHM integration. Successful exploitation enabled attackers to bypass access controls, compromise hosting management infrastructure, and potentially achieve server-wide control, posing significant risks to data integrity and operational security. According to watchTowr Labs, a public proof-of-concept confirmed active in-the-wild exploitation, indicating that the vulnerability had been weaponized as a zero-day against a broad range of internet-facing systems. Emergency patches were subsequently released for multiple supported versions, including 11.136.0.5, 11.134.0.20, 11.132.0.29, 11.126.0.54, 11.118.0.63, and 11.110.0.97, with administrators advised to immediately apply updates using the /scripts/upcp --force command, while unsupported legacy deployments remained highly exposed. The vulnerability was later added to the CISA KEV catalog following confirmed exploitation activity.

CVE-2026-42208 - SQL Injection vulnerability in BerriAI LiteLLM

An SQL Injection vulnerability in LiteLLM allows attackers to read and potentially modify data stored within the proxy database, resulting in unauthorized access to managed credentials, API keys, and internal configuration data. This flaw enabled execution of crafted SELECT statements without valid authentication, allowing targeted enumeration of sensitive tables containing virtual API keys, provider credentials, and environment configurations. According to Sysdig, exploitation activity emerged within 36 hours of public disclosure, highlighting rapid attacker weaponization and familiarity with LiteLLM’s backend schema. The availability of a public proof-of-concept significantly increased the likelihood of widespread exploitation against exposed deployments. Organizations were advised to immediately upgrade to the patched release, version 1.83.7-stable, to mitigate exposure, after which the vulnerability was added to the CISA KEV catalog due to active exploitation concerns.  

CVE-2026-43284 and CVE-2026-43500 - Local Privilege Escalation vulnerabilities in Linux Kernel

Local Privilege Escalation vulnerabilities affecting multiple Linux Kernel distributions, collectively referred to as “Dirty Frag” and “Copy Fail 2,” enabling unprivileged local attackers to escalate privileges to root through a deterministic logic flaw requiring no race conditions or timing dependencies. The vulnerabilities affected the xfrm-ESP (IPsec) and RxRPC components of the Linux kernel and were disclosed by security researcher Hyunwoo Kim after technical details and proof-of-concept exploitation code became publicly exposed prior to coordinated patch release. Similar in behavior to the earlier “Dirty Pipe” and “Copy Fail” vulnerabilities, the flaws allowed highly reliable exploitation without triggering kernel panics, significantly increasing operational risk across enterprise Linux environments. According to Microsoft, limited active exploitation activity potentially associated with Dirty Frag or Copy Fail was observed in the wild following initial system compromise through methods including compromised SSH accounts, web shells, abused service accounts, container escapes, and remote access compromise. Post-exploitation activity involved modification of GLPI LDAP authentication files, reconnaissance of GLPI directories and system configurations, deletion of PHP session files, and unauthorized access to remaining session data, indicating credential access, session disruption, and broader post-compromise operations. The vulnerabilities presented the greatest risk to non-containerized Linux hosts, although researchers noted potential container escape implications in specific deployments. Multiple Linux vendors, including Red Hat, Ubuntu, Amazon Linux, Fedora, and AlmaLinux, subsequently released patches and mitigation guidance to address the vulnerabilities and reduce continued exploitation risk.

CVE-2026-44338 - Authentication Bypass vulnerability in PraisonAI

An Authentication Bypass vulnerability affecting PraisonAI, an open-source multi-agent orchestration framework designed to automate collaborative AI workflows across enterprise and development environments. Affecting versions from 2.5.6 prior to 4.6.34, the vulnerability resided within the legacy api_server.py component, where authentication enforcement was effectively disabled by default through a hardcoded false value, causing the GET /agents and POST /chat endpoints to fail open by design. According to Sysdig Threat Research Team, active exploitation activity emerged only three hours and 44 minutes after public disclosure, demonstrating rapid AI-assisted exploit development, patch reverse engineering, and attacker operationalization. Successful exploitation enabled unauthenticated attackers to retrieve sensitive agent metadata, enumerate workflow configuration files, invoke AI workflows without authorization, and abuse automated orchestration pipelines capable of interacting with shell environments, internal datasets, external APIs, and messaging platforms such as Slack. Observed reconnaissance activity included probing for .env files, pyproject.toml, and praisonai/version.txt, followed by successful unauthenticated GET /agents requests returning HTTP 200 responses containing full agent configuration data, while repeated abuse of the POST /chat endpoint enabled uncontrolled workflow execution and “Model API quota burn” against providers such as OpenAI and Anthropic. Sysdig additionally identified publicly available proof-of-concept exploitation alongside scanning activity originating from DigitalOcean-hosted infrastructure utilizing the CVE-Detector/1.0 User-Agent string. PraisonAI resolved the vulnerability in version 4.6.34, with organizations advised to immediately upgrade affected deployments, migrate away from the legacy api_server.py entry point, audit billing activity, and rotate all credentials referenced within agents.yaml configuration files to mitigate continued exposure.

Cytellite telemetry captured active exploit attempts and mass scanning campaigns against exposed services globally. The data highlights which vulnerabilities are under attack and provides source IPs and payloads to authorized teams for detailed threat analysis and validation.

Active malware campaigns exploited specific vulnerabilities to deliver payloads and carry out post-exploitation actions. Each targeted vulnerability is proactively monitored, manually analysed, and mapped to MITRE ATT&CK tactics and techniques. Insights are derived from the LOVI vulnerability intelligence platform, which aggregates and curates data from multiple sources, OSINT groups, blogs, and data leak sites.

Exploitation of CVE-2026-41940 Enables Filemanager Backdoor Deployment on cPanel Environments

According to QiAnXin XLab, the threat actor tracked as Mr_Rot13 exploited CVE-2026-41940, a critical authentication bypass vulnerability affecting cPanel & WHM, to deploy a backdoor identified as “Filemanager” across compromised hosting environments. The vulnerability enabled remote attackers to bypass authentication controls and obtain elevated access to cPanel and WebHost Manager (WHM) instances, significantly increasing exposure across internet-facing hosting infrastructure. XLab researchers observed rapid post-disclosure exploitation activity involving multiple threat actors conducting automated attacks that resulted in cryptocurrency mining, ransomware deployment, botnet propagation, and persistent backdoor implantation. Monitoring telemetry identified more than 2,000 attacker-controlled source IP addresses participating in coordinated exploitation campaigns, with the majority originating from Germany, the United States, Brazil, the Netherlands, and several additional global regions. The scale and speed of the activity demonstrated widespread automated weaponization of the vulnerability against exposed cPanel environments shortly after public disclosure, reinforcing the continued targeting of hosting infrastructure for financially motivated and persistent compromise operations.

TeamPCP Exploits CVE-2026-45321 in Large-Scale Mini Shai-Hulud Supply Chain Campaign

According to multiple security researchers, the threat actor TeamPCP actively abused CVE-2026-45321, a critical supply chain vulnerability affecting the TanStack ecosystem, to distribute trojanized npm and PyPI packages as part of the “Mini Shai-Hulud” campaign. The attack leveraged compromised GitHub Actions workflows, OIDC token abuse, and malicious lifecycle hooks to publish backdoored packages carrying valid SLSA Level 3 provenance attestations, making detection significantly more difficult. Successful exploitation enabled deployment of credential stealers, persistence mechanisms targeting IDEs such as Visual Studio Code and Claude Code, GitHub token theft, CI/CD compromise, and destructive wiper functionality triggered through npm token revocation logic. The campaign impacted more than 170 packages across npm and PyPI, collectively exceeding 518 million downloads, while researchers identified over 400 attacker-created repositories associated with stolen credentials and automated propagation activity. Although affected packages were removed and advisories were released by impacted vendors including TanStack and Mistral AI, the reports primarily focused on package remediation, token rotation, and repository isolation rather than a standalone vendor patch for CVE-2026-45321.

PCPJack Malware Exploits Cloud Infrastructure vulnerabilities

According to SentinelLabs, a newly identified malware framework named PCPJack targeted exposed cloud infrastructure to steal credentials while simultaneously removing existing TeamPCP infections from compromised systems. The framework targeted Docker, Kubernetes, Redis, MongoDB, RayML, and vulnerable web applications, leveraging vulnerabilities including CVE-2025-29927, CVE-2025-55182 (“React2Shell”), CVE-2026-1357, CVE-2025-9501, and CVE-2025-48703 to gain unauthorized access and propagate laterally across cloud and containerized environments. Infection activity began through a bootstrap.sh shell script that established persistence, deployed the monitor.py orchestrator, removed TeamPCP-related processes and artifacts, and initiated credential harvesting operations targeting SSH keys, Slack tokens, WordPress configurations, cloud credentials, OpenAI keys, Anthropic keys, Discord tokens, and DigitalOcean access data. Exfiltrated credentials were encrypted using X25519 ECDH and ChaCha20-Poly1305 before transmission to attacker-controlled Telegram channels, while propagation mechanisms additionally leveraged Common Crawl datasets to identify new scanning targets across exposed internet infrastructure. SentinelLabs also identified a Sliver-based backdoor supporting x86_64, x86, and ARM architectures within the operational infrastructure, reinforcing assessments that PCPJack represented a large-scale credential theft and cloud-focused intrusion framework potentially linked to former TeamPCP operators familiar with the group’s tooling and tradecraft.

Open-Source Software (OSS) vulnerabilities are security weaknesses discovered in publicly available codebases that can be exploited across widely used libraries, frameworks, and tools, often impacting thousands of downstream applications.

PRE-NVD vulnerabilities refer to security flaws that are discovered, discussed, or even exploited in the wild before their official inclusion in the National Vulnerability Database (NVD). These early-stage vulnerabilities often emerge through threat actor chatter, exploit proof-of-concepts, and technical disclosures shared across social media platforms and underground forums, signaling potential exploitation risks before public awareness.

The growing abuse of trusted ecosystems and enterprise management platforms highlights the increasing complexity of modern intrusion activity and the shrinking remediation window for defenders. As active exploitation increasingly followed public disclosure within hours or days, continuous vulnerability intelligence, rapid patch validation, and proactive exposure monitoring became critical operational requirements. Platforms such as Loginsoft Vulnerability Intelligence (LOVI) plays an important role in helping organizations track emerging threats, monitor exploitation activity, and prioritize remediation efforts across rapidly evolving attack surfaces.

FAQs

1) What is Ivanti Endpoint Manager Mobile?

Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core, is a Unified Endpoint Management (UEM) and Mobile Device Management (MDM) platform designed to securely manage mobile devices, applications, and enterprise content across corporate environments. It enables organizations to enforce security policies, manage device compliance, distribute applications, and provide secure access to enterprise resources across iOS, Android, macOS, and Windows devices from a centralized management interface.

2) What are cPanel & WHM deployments?

cPanel & WHM deployments refer to hosting servers or environments where the cPanel and WebHost Manager (WHM) platform is installed to manage websites, domains, email services, databases, and server configurations. cPanel provides the customer-facing interface for website and hosting management, while WHM serves as the administrative interface for managing server-wide settings, reseller accounts, and multiple hosting environments. These deployments are widely used by web hosting providers and enterprise hosting infrastructures to centrally manage internet-facing services and customer accounts.

3) Does inclusion in the CISA KEV catalog mean exploitation is widespread?

Not necessarily widespread - but confirmed. KEV inclusion indicates verified in-the-wild exploitation. While the scale may vary, the operational reality is that threat actors possess working exploits, making patch prioritization urgent regardless of observed targeting volume.

4) How does LOVI help organizations manage vulnerabilities effectively?

Loginsoft Vulnerability Intelligence empowers you to efficiently prioritize and respond to potential vulnerabilities by focusing on those actively exploited in the wild. LOVI correlates vulnerability data with real-world threat activity to reduce noise and improve decision-making. This approach enables faster remediation and stronger security posture.

5) What is Cytellite?

Cytellite is a Loginsoft security intelligence platform that provides real-time visibility into emerging threats through a global sensor network. It delivers actionable IP intelligence to help organizations detect, analyze, and respond to attacks quickly. By correlating threat data with live activity, Cytellite strengthens resilience across dynamic threat landscapes.