Use Docker SBOMs to inventory container images, verify dependencies, connect vulnerability scanning, and prepare supply-chain reviews before production changes.
Sygnia says Velvet Ant replaced Linux PAM and OpenSSH components in a long-running intrusion. Hosting admins should verify login-stack integrity before rotating credentials.
CVE-2026-4802 affects Cockpit on RHEL-family Linux servers. Restrict management access, patch Cockpit packages, and review admin activity safely.
Patch cPanel & WHM and WP Squared for CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203 with safe verification steps for hosting providers.
2026 update: this was an old ImunifyAV/ClamAV cron noise issue we saw on a cPanel server in 2023. It appears to have been corrected in later Imunify releases, but the troubleshooting lesson is still useful:
