Week in review: High-severity LPE vulnerability in the Linux kernel, cPanel 0-day exploited for months
Publish Date: 2026-05-03 04:00:00
Source Domain: www.helpnetsecurity.com
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
The AI criminal mastermind is already hiring on gig platforms
Labor-hire platforms let anyone with a credit card post a task and pay a stranger to complete it. The RentAHuman platform extends that model to AI agents through a Model Context Protocol server, allowing an agent to post gigs directly. Listed tasks include attending in-person meetings, photographing locations, delivering items, and surveying physical sites.
Even cybersecurity researchers are exposing secrets in their arXiv LaTeX source
Researchers submit papers to arXiv daily, often including LaTeX source files alongside PDFs. About 93% of submissions contain these files, which may include drafts, comments, figures, and leftover project data. A study from RWTH Aachen University, to be presented at the 2026 IEEE Symposium on Security and Privacy, analyzed 2.7 million arXiv submissions since 1991. It found that 88% contained material not intended for public release.
Open-source IPFire DNS Firewall blocks malware and phishing at the resolver
The IPFire project shipped Core Update 201 for its 2.29 release line, bringing DNS-layer domain blocking into the open-source firewall distribution. The update replaces two components that many IPFire operators had paired with the system for years, the built-in URL Filter and external Pi-hole deployments, by handling blocklist enforcement directly inside the firewall’s DNS proxy.
US state privacy fines reached $3.425 billion in 2025
State privacy regulators across the United States collected $3.425 billion in privacy-related fines from companies in 2025. Gartner said the upward trend is expected to accelerate through 2028. Annual cumulative fines stood at $1.827 billion in 2024, putting the 2025 result at nearly double the previous year’s level.
The Exchange Online security controls organizations keep getting wrong
In this Help Net Security interview, Scott…
