ZYMP IT Security — May 15, 2026

This week’s IT security roundup highlights critical vulnerabilities in enterprise software, ongoing cyber threats against government infrastructure, and emerging risks from AI platform misconfigurations. Major vendors have released urgent patches for cPanel, SAP S/4HANA, and Linux kernel vulnerabilities, while researchers have discovered concerning security gaps in cloud platforms.

Critical cPanel Vulnerability Weaponized to Target Government Networks

VULNERABILITY

A critical vulnerability in cPanel (CVE-2026-41940) was exploited within 24 hours of its disclosure, with attacks from 44,000 unique IP addresses targeting government and enterprise networks worldwide. The flaw allows remote code execution with full system privileges, putting millions of web hosting servers at risk.

Security researchers have observed automated scanning activity targeting vulnerable cPanel instances, with attackers attempting to deploy backdoors and cryptocurrency miners. The rapid weaponization underscores the importance of applying security updates immediately for widely used web hosting control panels.

SAP Patches Critical SQL Injection Flaw in S/4HANA Enterprise Platform

PATCH

SAP released its monthly Security Patch Day updates on May 12, 2026, addressing a critical SQL injection vulnerability in SAP S/4HANA that could allow attackers to execute arbitrary code and access sensitive business data. The flaw affects organizations running unpatched versions of the enterprise resource planning platform.

The update also includes patches for multiple high-severity vulnerabilities across SAP’s enterprise software portfolio, including issues in SAP Commerce Cloud and SAP BusinessObjects. Security teams are urged to prioritize patching given the widespread adoption of these platforms in corporate environments.

Linux Kernel Privilege Escalation Vulnerability Affects Multiple Distributions

CYBERSECURITY

Linux distributions are rolling out patches for a high-severity kernel privilege escalation vulnerability (CVE-2026-46300) that could allow attackers to run malicious code with root privileges. The flaw, tracked as “Fragnasia,” affects multiple kernel versions and is present in major distributions including Ubuntu, Debian, and Fedora.

Security researchers warn that exploitation requires local access but could be chained with other vulnerabilities for complete system compromise. Server administrators should apply kernel updates immediately, particularly for systems hosting critical services or sensitive data.

Amazon AI Platform Misconfiguration Creates Administrative Backdoor

CLOUD SECURITY

Researchers have discovered a critical misconfiguration in Amazon’s AI-driven business intelligence platform that transforms an administrative lockout mechanism into a potential backdoor for unauthorized access. The issue stems from custom permission settings that can be exploited to bypass intended security controls.

The finding highlights emerging security risks in AI platforms as organizations increasingly deploy machine learning tools in production environments. Amazon has acknowledged the issue and is working on a security update, but organizations using the platform are advised to review their permission configurations immediately.

GitLab Issues Emergency Security Updates for Session Hijacking Vulnerabilities

MALWARE

GitLab has rushed out emergency security updates after uncovering a dangerous cluster of vulnerabilities that could allow attackers to silently hijack developer sessions or execute arbitrary code. The affected versions include GitLab Community and Enterprise Editions, with severity ratings ranging from critical to high.

The vulnerabilities impact organizations using self-hosted GitLab instances for source code management and CI/CD pipelines. Security teams should prioritize patching due to the potential for supply chain attacks through compromised developer accounts and stolen source code repositories.
