Microsoft Defender Deletes Trusted Certificates | 44,000 cPanel Servers Hit by Ransomware

Microsoft Defender Deletes Trusted Certificates | 44,000 cPanel Servers Hit by Ransomware

Author: Jim Love May 4, 2026 Duration: 13:37
Cybersecurity Today
NewsTechnology

Microsoft Defender Deletes Trusted Certificates | 44,000 cPanel Servers Hit by Ransomware

Microsoft Defender mistakenly flagged legitimate DigiCert root certificates as malware and removed them from Windows systems, breaking trust chains and causing widespread application failures. The issue was traced to a faulty detection signature (Trojan:Win32/CertyAgent), now fixed in update version 1.449.430.0. 
At the same time, DigiCert confirmed a separate security incident where attackers compromised support systems and used internal tools to issue valid code-signing certificates. At least 60 certificates were revoked, including 27 linked to the Zong Stealer malware campaign. 


Meanwhile, a critical cPanel vulnerability (CVE-2026-41940) is being actively exploited. Attackers used the flaw as a zero-day since February, compromising at least 44,000 servers and deploying new SORI ransomware using ChaCha20 and RSA-2048 encryption. 

Also in this episode:


The Linux "Copyfail" privilege escalation bug is now confirmed exploited and added to CISA's Known Exploited Vulnerabilities list


A 10/10 critical vulnerability (CVE-2026-37541) in Open Vehicle Monitoring System could allow remote code execution in connected car environments


This episode breaks down how these attacks work, why patch timing matters, and where organizations are most exposed right now.

Cybersecurity Today would like to thank Material Security for supporting this podcast.  Material security provides. faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365.  Contact them at  material[dot]security 

Suggested Chapters (for retention and SEO)
00:00 Microsoft Defender deletes trusted certificates
02:20 DigiCert breach and stolen code-signing certificates
05:20 cPanel zero-day exploited, 44,000 servers compromised
08:40 Linux Copyfail vulnerability now actively exploited
10:40 Critical flaw in open-source car software

 


Every morning, Jim Love sifts through the noise of the digital world to bring you a clear, concise briefing on what actually matters. Cybersecurity Today isn't about fearmongering; it's about practical awareness. You'll hear straightforward analysis of the most recent attacks targeting companies, from sophisticated ransomware campaigns to stealthy data theft. Jim breaks down the implications of major breach disclosures, explaining not just what was stolen, but how it happened and who is affected. The focus remains on actionable intelligence-concrete steps and strategic thinking that can help protect your organization's data and infrastructure. This daily podcast serves as an essential filter for IT professionals, business leaders, and anyone responsible for digital assets, transforming complex threats into understandable insights. Tune in for a grounded perspective on navigating an online landscape where the risks are constantly evolving, and the need for clear, timely information has never been greater.
Author: Language: English Episodes: 100

Official website RSS
linkedin
Cybersecurity Today
Podcast Episodes
OpenClaw, MoltBot, Clawdbot - From Bad to Worse [not-audio_url] [/not-audio_url]

Duration: 11:50
In this episode of Cybersecurity Today, host Jim Love discusses the latest advancements in AI-driven cyber attacks and their implications for security infrastructure. The episode covers a variety of topics, including the…
Critical Cybersecurity Updates: Fortinet, Docker, and Android Malware [not-audio_url] [/not-audio_url]

Duration: 10:24
In this episode of Cybersecurity Today, Jim Love covers major vulnerabilities and security threats, including the exposure of over 3 million Fortinet devices, a critical flaw in Docker's AI assistant, and a sophisticated…
The Rise of Actionable AI Agents: Navigating the Security Landscape [not-audio_url] [/not-audio_url]

Duration: 14:53
In this episode of Cybersecurity Today, host Jim Love explores the burgeoning world of actionable AI agents, examining key developments from companies like Google and Anthropic. The episode delves into the rapid rise of…
What's App Privacy Lawsuit [not-audio_url] [/not-audio_url]

Duration: 13:11
Cybersecurity Today: WhatsApp Privacy Lawsuit, Google's Personal AI, Canada Computers Breach, and Mass Password Leak In this episode, host Jim Love discusses pressing cybersecurity issues, including a lawsuit against Wha…
AWS Flaw Could Have Put Every Account At Risk [not-audio_url] [/not-audio_url]

Duration: 11:56
Cybersecurity Today: Critical Fortinet Flaws, Windows 11 Issues, and Major Cloud Security Near Miss In today's episode of Cybersecurity Today, host David Shipley covers several pressing cybersecurity topics including the…
11 Year Old LInux Bug Allows Root Access [not-audio_url] [/not-audio_url]

Duration: 6:57
Fortinet Firewall Breached, Hidden Linux Vulnerability & Ransomware Boss Pleads Guilty | Cybersecurity Today In this episode of Cybersecurity Today, host David Shipley discusses the latest breach involving Fortinet Forti…
The First Wave Of Sophisticated AI Generated Malware [not-audio_url] [/not-audio_url]

Duration: 13:41
Critical Cybersecurity Updates: Microsoft, Goot Loader, Anthropic, and AI-Generated Malware In this episode of Cybersecurity Today, host Jim Love discusses the latest security patches and threats in the industry. Topics…

«12345678910»