Daily Threat Briefing – May 4, 2026

This briefing reports multiple high-risk, actively exploited threats: a Linux root vulnerability (CVE-2026-31431) in active exploitation, mass cPanel exploitation by the “Sorry” ransomware (CVE-2026-41940), a Trellix source-code repository breach with supply-chain implications, a China-linked APT campaign targeting governments and journalists, and Russian military intelligence operations harvesting Microsoft Office tokens via compromised routers; immediate patching, forensics, segmentation, and coordination with vendors and partners are recommended.