Cybersecurity News | Daily Recap [04 May 2026]

Copy Fail, a Linux kernel vulnerability (CVE-2026-31431), is now being actively exploited to gain root on major distributions, with a public PoC and a mandatory patch deadline of May 15. MOVEit Automation CVE-2026-4670 enables remote, unauthenticated access and is accompanied by a privilege-escalation fix (CVE-2026-5174), while more than 1,400 instances remain exposed. DigiCert revoked 60 certificates after a support-portal breach exposed EV code-signing certificates used by the Zhong Stealer family, and Instructure confirmed a breach claimed by ShinyHunters. Broader themes include AI-driven security and data-center risk, Pentagon AI deals, and MSP-focused defense of backups. #CopyFail #MOVEitAutomation #ZhongStealer #ShinyHunters #DigiCert #Instructure #MSPs #Pentagon

Vulnerabilities & Exploits

  • CISA says the Copy Fail Linux kernel flaw (CVE-2026-31431) is now being actively exploited to gain root on major distributions, with a public PoC and a mandatory federal patch deadline of May 15 – Copy Fail
  • Progress warned that a critical MOVEit Automation auth-bypass bug (CVE-2026-4670) lets remote, unauthenticated attackers bypass login, with a related privilege-escalation fix (CVE-2026-5174) and more than 1,400 online instances exposed – MOVEit Flaw

Incident Response & Breaches

  • DigiCert revoked 60 certificates after a support-portal compromise let an attacker abuse analyst access to obtain EV code-signing certs, including ones used by the Zhong Stealer family, and the company has since tightened MFA and logging – DigiCert Hack
  • Instructure confirmed a breach after ShinyHunters claimed the theft and leak of data, with possible exposure of identifying information and private messages and key rotation already underway – Instructure Breach

Platform & Security Tooling

  • Microsoft said April 2026 updates added psmounterex.sys to the vulnerable driver blocklist, breaking some third-party backup apps that rely on VSS snapshots and requiring updated drivers instead of rollback – Backup Failures
  • Microsoft Defender falsely flagged legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha after an April 30 signature update, prompting a security-intelligence fix and restoration of affected trust-store entries – Defender False Flag

Fraud & Social Engineering

  • Researchers say fraudsters are using structured loan scams against credit unions by exploiting onboarding and verification workflows with stolen identities and social engineering rather than “hacking” directly – Credit Union Fraud

AI, Defense & Critical Infrastructure

  • The Pentagon struck deals with 7 tech companies to bring AI into classified systems, expanding decision-support capabilities while raising concerns about oversight and combat risk – Pentagon AI
  • Analysts argue data centers should be treated as critical infrastructure after Middle East strikes and destructive cyber incidents highlighted how AI-era workloads make them high-value targets – Data Center Risk
  • A webinar announcement noted AI-driven phishing and brand impersonation are accelerating attacks on MSPs, underscoring the need for SaaS backups and BCDR planning – MSP Webinar

Recaps & Market Moves

  • A monthly roundup counted 33 cybersecurity M&A deals announced in April 2026, reflecting continued consolidation across the sector – M&A Roundup
  • Weekly coverage highlighted broader security trends including active exploit campaigns, major breaches, AI attack-surface growth, and rising privacy enforcement across the industry – Week Review

Cybersecurity News | Daily Recap – hendryadrian.com