Skip to main content

Tag: linux

94 articles

Motherboard components and UEFI firmware chip in a well-lit lab setting.

Microsoft-Signed Linux UEFI Shims Expose Secure Boot Bypass Risk

A newly discovered vulnerability in 11 Microsoft-signed Linux UEFI shims could allow hackers to bypass Secure Boot and deploy malicious code during system startup, putting your device at risk of infection with UEFI bootkits or other malware. This security flaw enables attackers to execute untrusted code during boot, making it a critical threat to your system's security.

Analyst 207
Cybersecurity researcher working at cluttered desk with laptop and Linux devices nearby.

Malware Delivered via Trojanized GitHub Exploits Targets Security Researchers

Security researchers have been targeted by a sneaky malware campaign that uses trojanized GitHub exploits to deliver a Python-based remote access trojan, hiding in plain sight within popular proof-of-concept code repositories. The malware, downloaded over 2,400 times mostly on Linux-based systems, was spread through malicious packages cleverly concealed in dependency lists on GitHub.

Analyst 207
Cluttered home office desk with Linux workstation, notes, and technical books.

Arch Linux Cracks Down on Malicious Commits in User Repository

Malicious hackers have launched a massive assault on the Arch User Repository, compromising over 1,500 user-submitted packages and forcing the Arch Linux team to temporarily halt new account signups to contain the damage. The attack has been mitigated, but not before highlighting the vulnerability of community-run package repositories.

Analyst 207
Dimly lit computer terminal in a quiet workspace with blurred background elements.

Arch Linux AUR Packages Targeted in Credential Stealer Campaign

Malicious actors have hijacked over 400 Arch Linux AUR packages, quietly altering their build scripts to deploy a sneaky Rust credential stealer in a campaign dubbed Atomic Arch. By targeting abandoned packages and preserving their original names and histories, the attackers cleverly evaded detection.

Analyst 207
Linux workstation in a modern office setting with natural lighting.

Linux Flaw Enables Rapid Local Root Access Escalation

A single-character logic error in Linux's nf_tables code, known as CVE-2026-23111, can quickly turn an unprivileged local account into a powerful root account, allowing for container escape - and publicly available exploit code makes it a pressing concern. This vulnerability has already been patched, but its public exposure puts Linux users at risk.

Analyst 207
Server equipment sits on a rack in a data center with cables and networking gear surrounding it.

VerdantBamboo Targets Linux Systems with Customized Malware Arsenal

Meet VerdantBamboo, a stealthy threat actor that infiltrated Linux and BSD systems, hiding in plain sight for 18 months by cleverly evading detection and morphing its malware arsenal to blend in. Its sophisticated attacks went undetected until Volexity's incident response team uncovered the intrusion, revealing a complex trail that led from Egnyte appliances into Microsoft 365 environments.

Analyst 207
Developer workspace with Windows laptop, notes, and coding materials, displaying a command-line interface with mixed…

Microsoft Brings Linux Commands to Windows with Coreutils Release

Microsoft just made life easier for developers who juggle Windows and Linux, releasing Coreutils for Windows, a package that brings commonly used Linux commands to Windows as native apps. This game-changing move eliminates frustrating workarounds and context switching, letting devs focus on what matters most - coding.

Analyst 207
Laptop and development tools sit on a cluttered workspace surrounded by generic technology equipment.

GitHub-Hosted Malware Targets PHP Packages in Coordinated Supply Chain Attack

Malicious code was injected into eight PHP packages on Packagist, triggering a Linux binary download from GitHub Releases via JavaScript lifecycle hooks in package.json postinstall scripts. The attack was swiftly contained, with the malicious versions removed from Packagist.

Analyst 207
Modern computer lab setting with a laptop and peripherals.

Linux Kernel Faces New Exploit for DirtyDecrypt Vulnerability

A new exploit has been discovered for the DirtyDecrypt vulnerability in the Linux Kernel, allowing for a potentially devastating rxgk pagecache write due to a missing copy-on-write guard. This flaw, tracked as CVE-2026-31635, has a CVSS score of 7.5 and was recently patched after being reported by security researchers.

Analyst 207
A Linux system terminal in a neutral setting with ambient lighting.

Linux Flaw Exposes Root Files to Unprivileged Users

A critical flaw in the Linux kernel has been discovered, allowing unprivileged users to access files that should be restricted to root accounts, putting system security at risk. This bug puts a spotlight on the importance of kernel access controls for system operators and users who rely on them.

Analyst 207
Dimly lit server room with equipment and one glowing server screen.

DirtyDecrypt Flaw Exposes Linux Systems to Root Access Risk

A newly patched Linux kernel flaw, dubbed DirtyDecrypt, has been exposed through a public proof-of-concept exploit that can grant root access to vulnerable systems. This critical vulnerability was recently patched, but a public exploit is now available, putting Linux systems at risk.

Analyst 207
Person working at computer workstation surrounded by Linux notes and documentation.

AI-Powered Bug Hunters Overwhelm Linux Security List

If you're using AI tools to find bugs, make sure to go the extra mile by creating a patch and adding real value to your report, rather than just sending a superficial notice. Don't be a drive-by reporter - take the time to understand the issue and contribute meaningfully.

Analyst 207
Cluttered desk in a university setting with a generic computer terminal.

Linux Flaw Exposes Local Users to Root Access

A newly discovered Linux flaw, dubbed Fragnesia, allows unprivileged local users to gain root access by exploiting a weakness in the kernel's handling of shared page fragments, putting all Linux kernels released before May 13, 2026, at risk. This vulnerability can be triggered through a simple sequence of operations, making it a serious threat to Linux users.

Analyst 207
Linux system administrator working in data center with server screen displaying terminal.

Linux Flaw Exposes Systems to Root Privilege Attacks

A newly discovered Linux kernel vulnerability, dubbed Fragnasia, allows hackers to gain root privileges and take control of your system - and it's been hiding in plain sight in all Linux kernels released before May 13, 2026. This high-severity flaw lets unprivileged attackers write malicious code into read-only files, giving them unrestricted access to your system.

Analyst 207
Linux developer in dimly lit workspace looks concerned amidst computer screens and notes.

Linux Defenders Scramble to Outpace Exploit Cycle

Linux defenders are racing against the clock to outmaneuver exploiters, with one maintainer proposing a temporary "kill switch" to disable vulnerable kernel functions until a proper patch can be developed. This stopgap solution aims to buy crucial time between vulnerability discovery and patch release.

Analyst 207
Cluttered workstation with researcher in background looking at laptop.

Linux Distributions Scramble to Patch Dirty Frag Kernel Vulnerabilities

A critical vulnerability known as Dirty Frag has been discovered in the Linux kernel, allowing attackers with local access to gain root privileges across major distributions. Linux distributions are now racing against the clock to patch this chained local privilege escalation flaw.

Analyst 207
Dimly lit industrial control system with blank, softly glowing screen in a data center setting.

Linux Flaw Exposes Public Root Exploit With No Patches

A critical Linux vulnerability known as Dirty Frag has been exposed, leaving systems open to a public root exploit with no patches or fix available. This high-urgency flaw allows hackers to gain root access, making it essential for admins to take immediate action.

Analyst 207
Linux terminal on a laptop in a research setting with code on the screen.

Linux 'Dirty Frag' Zero-Day Exposes Root Flaw in Major Distros

A newly discovered Linux zero-day, dubbed "Dirty Frag," allows hackers to instantly gain root access on major distributions by chaining two separate kernel vulnerabilities. This flaw enables attackers to alter protected system files in memory without authorization, putting countless systems at risk.

Analyst 207
Rows of computer servers and storage equipment in a data center with a single unoccupied Linux terminal in the foreground.

PCPJack Worm Targets Cloud Infrastructure, Steals Credentials

A fresh malware campaign, dubbed PCPJack, is targeting cloud infrastructure, stealing credentials and wreaking havoc on Linux-based systems with a sophisticated framework that installs hidden working directories and establishes persistence. This alarming attack bears striking similarities to earlier TeamPCP/PCPCat campaigns, raising concerns about its potential impact.

Analyst 207
Close-up of Linux server room with a single workstation and equipment in sharp focus under soft daylight.

Linux Flaw Exposes Millions to Local Privilege Escalation

A critical Linux flaw, known as Copy Fail, has been discovered, exposing millions to potential local privilege escalation attacks - a vulnerability that highlights a deterministic logic error in the Linux kernel's cryptographic subsystem. This flaw, tracked as CVE-2026-31431, was publicly disclosed on April 29, 2026.

Analyst 207
Linux terminal on a monitor in a data center or computer lab setting.

CISA Warns of Actively Exploited Linux Root Access Bug

A nine-year-old Linux kernel bug, known as Copy Fail, is being actively exploited in the wild, allowing unprivileged users to gain root access with a simple 732-byte Python-based exploit. The Cybersecurity and Infrastructure Security Agency has added this vulnerability to its Known Exploited Vulnerabilities catalog, warning of potential security risks.

Analyst 207
Linux web hosting control panel setup in a server room with out-of-focus laptop screen nearby.

cPanel flaw fuels mass Sorry ransomware attacks

A critical flaw in cPanel, tracked as CVE-2026-41940, has been exploited in a massive ransomware campaign, compromising at least 44,000 IP addresses. This alarming attack has already been used in the wild as a zero-day, with threat actors accessing control panels and wreaking havoc on web hosting systems.

Analyst 207
Close-up of Linux server circuit board with a faintly glowing area indicating a vulnerability.

AI Uncovers Nine-Year-Old Linux Kernel Zero-Day Flaw

A shocking nine-year-old flaw in the Linux kernel, dubbed "Copy Fail," allows unprivileged users to secretly alter readable files and potentially gain root access to affected systems. This vulnerability, tracked as CVE-2026-31431, has been lurking in Linux kernels since 2017, putting countless machines at risk.

Analyst 207
Cluttered office workstation with laptop and external hard drive amidst scattered papers and supplies, conveying disruption…

VECT 2.0 Ransomware Exposes Flaw, Irreparably Destroys Large Files

Meet VECT 2.0, a malicious ransomware that doesn't just hold your files hostage - it destroys them, leaving you with no way to recover even if you pay up. This cunning malware wreaks havoc on large files across Windows, Linux, and ESXi hosts, causing irreversible damage.

Analyst 207