Tag: linux
-
New Stealthy Linux Malware Merges Mirai-based DDoS Botnet with Fileless Cryptominer
Cybersecurity researchers uncover a sophisticated Linux campaign that blends legacy botnet capabilities with modern evasion techniques. A newly discovered Linux malware campaign is demonstrating the evolving sophistication of threat actors by combining Mirai-derived distributed denial-of-service (DDoS) functionality with a stealthy, fileless cryptocurrency mining operation. According to research from Cyble Research & Intelligence Labs (CRIL), the…
-
Sicherheitslücken in Linux-Grafikkomponenten – X.Org und Xwayland trotz unklarem Angriffsweg angreifbar
Tags: linuxFirst seen on security-insider.de Jump to article: www.security-insider.de/bsi-warnt-vor-schwachstellen-in-xorg-und-xwayland-a-f44e44c9d8ea7c1f088dc601cccdd0cf/
-
The BOSS Breach: APT36 Pivots to Linux Espionage with >>Silent<< Shortcuts
The post The BOSS Breach: APT36 Pivots to Linux Espionage with >>Silent
-
U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OpenPLC ScadaBR flaw, tracked as CVE-2021-26829 (CVSS score of 5.4), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a cross-site scripting (XSS) flaw that impacts Windows and Linux versions via system_settings.shtm.…
-
U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OpenPLC ScadaBR flaw, tracked as CVE-2021-26829 (CVSS score of 5.4), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a cross-site scripting (XSS) flaw that impacts Windows and Linux versions via system_settings.shtm.…
-
APT36 Deploys Python-Based ELF Malware in Targeted Attacks on Indian Government Agencies
Pakistan-linked cyberespionage group APT36 (Transparent Tribe) has escalated its campaign against Indian government institutions with the deployment of sophisticated Python-based ELF malware specifically designed to compromise Linux-based BOSS operating environments, according to research published by CYFIRMA. The threat actor, historically focused on Windows systems, has demonstrated expanded technical maturity through multi-platform tooling that bypasses conventional…
-
Linux 6.18 Rolls Out With Major Hardware Support Upgrades and Driver Enhancements
Linus Torvalds has officially released Linux 6.18, the latest stable version of the Linux kernel. The announcement came on Sunday, November 30, 2025, marking another milestone for the open-source operating system that powers everything from smartphones to supercomputers. Torvalds shared the news through the Linux kernel mailing list, noting that while there was more bugfixing…
-
APT36 Deploys Python-Based ELF Malware in Targeted Attacks on Indian Government Agencies
Pakistan-linked cyberespionage group APT36 (Transparent Tribe) has escalated its campaign against Indian government institutions with the deployment of sophisticated Python-based ELF malware specifically designed to compromise Linux-based BOSS operating environments, according to research published by CYFIRMA. The threat actor, historically focused on Windows systems, has demonstrated expanded technical maturity through multi-platform tooling that bypasses conventional…
-
CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, linux, software, vulnerability, windows, xssThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a security flaw impacting OpenPLC ScadaBR, citing evidence of active exploitation.The vulnerability in question is CVE-2021-26829 (CVSS score: 5.4), a cross-site scripting (XSS) flaw that affects Windows and Linux versions of the software via First seen on…
-
Linux 6.18-rc7 Released With New Bug Fixes and Driver Updates
The Linux kernel development team has released version 6.18-rc7, marking another step toward the final 6.18 release expected next weekend. According to kernel maintainer Linus Torvalds, the release cycle remains on track despite a minor setback in the previous version that required immediate attention. What’s New in rc7 The release candidate includes a more modest…
-
Cybersecurity Snapshot: Global Agencies Target Criminal “Bulletproof” Hosts, as CSA Unveils Agentic AI Risk Framework
Tags: access, advisory, ai, android, apple, attack, banking, breach, browser, chrome, cisa, ciso, cloud, compliance, control, credentials, credit-card, crypto, cve, cyber, cybercrime, cybersecurity, data, defense, detection, endpoint, extortion, finance, firewall, firmware, flaw, framework, google, governance, government, group, guide, Hardware, ibm, identity, infection, infrastructure, international, Internet, law, linux, malicious, malware, microsoft, mobile, monitoring, network, open-source, oracle, password, phishing, radius, ransomware, rat, resilience, risk, risk-assessment, risk-management, russia, scam, service, software, switch, technology, threat, tool, update, vulnerability, windowsCyber agencies call on ISPs to help combat “bulletproof” internet hosts that shield cybercriminals. Meanwhile, the CSA introduced a new methodology to assess the risks of autonomous AI. Plus, get the latest on the CIS Benchmarks, drone-detection systems, and malware infections. Key takeaways Crackdown on “bulletproof” hosting: International cyber agencies are urging ISPs and network…
-
Cybersecurity Snapshot: Global Agencies Target Criminal “Bulletproof” Hosts, as CSA Unveils Agentic AI Risk Framework
Tags: access, advisory, ai, android, apple, attack, banking, breach, browser, chrome, cisa, ciso, cloud, compliance, control, credentials, credit-card, crypto, cve, cyber, cybercrime, cybersecurity, data, defense, detection, endpoint, extortion, finance, firewall, firmware, flaw, framework, google, governance, government, group, guide, Hardware, ibm, identity, infection, infrastructure, international, Internet, law, linux, malicious, malware, microsoft, mobile, monitoring, network, open-source, oracle, password, phishing, radius, ransomware, rat, resilience, risk, risk-assessment, risk-management, russia, scam, service, software, switch, technology, threat, tool, update, vulnerability, windowsCyber agencies call on ISPs to help combat “bulletproof” internet hosts that shield cybercriminals. Meanwhile, the CSA introduced a new methodology to assess the risks of autonomous AI. Plus, get the latest on the CIS Benchmarks, drone-detection systems, and malware infections. Key takeaways Crackdown on “bulletproof” hosting: International cyber agencies are urging ISPs and network…
-
Tsundere Botnet Targets Windows, Linux macOS via Node.js Packages
A Russian-speaking threat actor attributed to the username >>koneko
-
The nexus of risk and intelligence: How vulnerability-informed hunting uncovers what everything else misses
Tags: access, attack, authentication, business, cisa, compliance, cve, cvss, dark-web, data, defense, detection, dns, edr, endpoint, exploit, framework, intelligence, kev, linux, malicious, mitigation, mitre, monitoring, ntlm, nvd, open-source, password, powershell, remote-code-execution, risk, risk-management, siem, soc, strategy, tactics, technology, threat, update, vulnerability, vulnerability-managementTurning vulnerability data into intelligence: Once vulnerabilities are contextualized, they can be turned into actionable intelligence. Every significant CVE tells a story, known exploit activity, actor interest, proof-of-concept code or links to MITRE ATT&CK techniques. This external intelligence gives us the who and how behind potential exploitation.For example, when a privilege escalation vulnerability in Linux…
-
Linus Torvalds is OK with vibe coding as long as it’s not used for anything that matters
Linux inventor also discusses Rust in the kernel, Nvidia’s proprietary code, and the problem of AI crawlers First seen on theregister.com Jump to article: www.theregister.com/2025/11/18/linus_torvalds_vibe_coding/
-
KI-Unterstützung für Penetrationstests mit Kali Linux – KaliGPT automatisiert Pentest in Kali Linux mit natürlicher Sprache
First seen on security-insider.de Jump to article: www.security-insider.de/kali-gpt-ki-pentest-kali-linux-a-ec1ee3ed3d1723db6dab3fbbee3fdb50/
-
Imunify AI-Bolit Flaw Allows Arbitrary Code Execution and Root Privilege Escalation
A critical vulnerability was discovered in the AI-Bolit component of Imunify security products, raising concerns across the web hosting and Linux server communities. This flaw could let attackers execute arbitrary code and escalate their privileges to root, risking the integrity of millions of servers worldwide. Imunify, a security platform widely used on web hosting servers,…
-
Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments
Cisco Talos has identified an emerging threat from Kraken, a sophisticated cross-platform ransomware group that has emerged from the remnants of the HelloKitty ransomware cartel. In August 2025, the security firm observed the Russian-speaking group conducting big-game hunting and double-extortion attacks against enterprise environments worldwide. Kraken represents a significant evolution in ransomware threats due to…
-
Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments
Cisco Talos has identified an emerging threat from Kraken, a sophisticated cross-platform ransomware group that has emerged from the remnants of the HelloKitty ransomware cartel. In August 2025, the security firm observed the Russian-speaking group conducting big-game hunting and double-extortion attacks against enterprise environments worldwide. Kraken represents a significant evolution in ransomware threats due to…
-
Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE Attacks
A critical Remote Code Execution vulnerability has been patched in Imunify360 AV, a security product protecting approximately 56 million websites worldwide. Hosting companies must apply the patch immediately to prevent potential server compromises. The vulnerability details began circulating in late October 2024, prompting urgent recommendations for affected hosting providers to verify the integrity of their…
-
Alte Linux-Schwachstelle wird erneut aktiv ausgenutzt – Ransomware-Gruppen nutzen Linux-Schwachstelle: CISA schlägt Alarm
First seen on security-insider.de Jump to article: www.security-insider.de/cve-2024-1086-linux-luecke-cisa-warnt-a-fd576b9a931bb168260bc28d4b2c876a/
-
CISA warns of Akira ransomware Linux encryptor targeting Nutanix VMs
US government agencies are warning that the Akira ransomware operation has been spotted encrypting Nutanix AHV virtual machines in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-akira-ransomware-linux-encryptor-targeting-nutanix-vms/
-
RCE flaw in ImunifyAV puts millions of Linux-hosted sites at risk
The ImunifyAV malware scanner for Linux server, used by tens of millions of websites, is vulnerable to a remote code execution vulnerability that could be exploited to compromise the hosting environment. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/rce-flaw-in-imunifyav-puts-millions-of-linux-hosted-sites-at-risk/
-
EOL-Software gefährdet Unternehmenssicherheit
Geräte mit End-of-Life-Software (EOL) stellen nach wie vor ein weit verbreitetes Sicherheitsproblem in Unternehmen dar.Laut einer Studie von Palo Alto Networks laufen 26 Prozent der Linux-Systeme und acht Prozent der Windows-Systeme mit veralteten Versionen. Die Ergebnisse basieren auf Telemetriedaten von 27 Millionen Geräten in den Netzwerken von 1.800 Unternehmen.Die Analyse offenbart zudem, dass 39 Prozent…
-
Ubuntu 25.10’s Rusty sudo holes quickly welded shut
Tags: linuxThe goal of ‘oxidizing’ the Linux distro hits another bump First seen on theregister.com Jump to article: www.theregister.com/2025/11/13/ubuntu_rust_sudo_hole/
-
GNU Coreutils 9.9 brings fixes and updates across essential tools
GNU Coreutils is the backbone of many enterprise Linux environments. It provides the basic file, shell, and text utilities that every GNU-based system depends on. The latest … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/11/gnu-coreutils-9-9-released/
-
GNU Coreutils 9.9 brings fixes and updates across essential tools
GNU Coreutils is the backbone of many enterprise Linux environments. It provides the basic file, shell, and text utilities that every GNU-based system depends on. The latest … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/11/gnu-coreutils-9-9-released/
-
New VanHelsing Ransomware-as-a-Service Hits Windows, Linux, BSD, ARM and ESXi
A sophisticated new ransomware operation dubbed VanHelsing has emerged as a rapidly expanding threat in the cybercriminal landscape. First observed on March 7, 2025, this operation functions as a Ransomware-as-a-Service (RaaS) platform, licensing its destructive capabilities to affiliated threat actors and demonstrating alarming speed in scaling attacks across diverse infrastructure platforms. VanHelsing operates under a…
-
New VanHelsing Ransomware-as-a-Service Hits Windows, Linux, BSD, ARM and ESXi
A sophisticated new ransomware operation dubbed VanHelsing has emerged as a rapidly expanding threat in the cybercriminal landscape. First observed on March 7, 2025, this operation functions as a Ransomware-as-a-Service (RaaS) platform, licensing its destructive capabilities to affiliated threat actors and demonstrating alarming speed in scaling attacks across diverse infrastructure platforms. VanHelsing operates under a…