Tag: linux
-
Linux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary Code
A critical vulnerability in the Linux Kernel’s ksmbd file sharing component allows remote attackers to execute code with kernel privileges. Tracked as CVE-2025-38561, this flaw affects Linux distributions that include the ksmbd SMB server implementation. Authentication is required, but a successful exploit can grant full control of the affected host. Vendors and administrators should apply…
-
Kali Linux 2025.3 brings improved virtual machine tooling, 10 new tools
OffSec has released Kali Linux 2025.3, the most up-to-date version of its popular penetration testing and digital forensics platform. What’s new in Kali Linux 2025.3 Better … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/24/kali-linux-2025-3-released/
-
Kali Linux 2025.3 Launches With Fresh Features and 10 New Pentesting Tools
Kali Linux 2025.3 has arrived, bringing a wave of improvements, updated firmware support, and a suite of ten new security tools. This release builds on the June 2025.2 update by refining core workflows, extending wireless capabilities, and preparing the distribution for emerging architectures. Whether you rely on virtual machines, Raspberry Pi devices, or mobile pentesting…
-
Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials
Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS).The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery (SSRF) that…
-
Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials
Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS).The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery (SSRF) that…
-
Chrome High-severity Flaws Expose Sensitive Data, Trigger System Crashes
Google has released an urgent security update for its Chrome browser, addressing three high-severity vulnerabilities that could allow attackers to leak sensitive information and cause system instability. The latest Chrome version 140.0.7339.207/.208 for Windows and Mac, and 140.0.7339.207 for Linux, patches critical flaws in the V8 JavaScript engine that powers the browser’s web content processing.…
-
Sichere Linux-Distributionen im Vergleich – Qubes OS Whonix und Tails im Vergleich der Sicherheitsstrategien
Tags: linuxFirst seen on security-insider.de Jump to article: www.security-insider.de/qubes-os-whonix-tails-sicherheitsstrategien-a-052feaa3f75a4bbac9ad00f3dbc09f97/
-
Sysdig entdeckt -ZynorRAT- Neuer RemoteTrojaner steuert Opfer per Telegram
ZynorRAT zeigt, wie bekannte Kommunikationsplattformen zu verlässlichen C2-Kanälen für Angriffe werden können. Gerade Linux-Workloads geraten verstärkt ins Visier. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sysdig-entdeckt-zynorrat-neuer-remote-access-trojaner-steuert-opfer-per-telegram/a42094/
-
Flipper Blackhat: Wenn der Flipper Zero zum portablen LinuxTester wird
Wer möchte, kann sein Flipper Zero zu einer Art Schweizer Taschenmesser verwandeln. Damit sind unzählige Penetrationstests möglich. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/flipper-blackhat-wenn-der-flipper-zero-zum-portablen-linux-pen-tester-wird-321012.html
-
Neuer RemoteTrojaner ‘ZynorRAT” steuert Opfer per Telegram
Das Threat-Research-Team (TRT) von Sysdig hat mit eine neue Malware-Familie identifiziert. Der Remote-Access-Trojaner wurde in Go entwickelt, läuft auf Linux und Windows und wird über einen Telegram-Bot ferngesteuert. Erstmals tauchte am 8. Juli 2025 auf Virus-Total auf. Seither deuten Funde und Telemetriedaten auf Ursprünge in der Türkei hin. ist ein Fernzugriffswerkzeug (RAT), […] First seen…
-
BlackLock Ransomware Targets Windows, Linux, and VMware ESXi Systems
BlackLock, a rebranded ransomware group formerly known as El Dorado, has emerged as a formidable threat to organizations worldwide. First identified in June 2024 when its Dedicated Leak Site (DLS) began exposing victim data, the gang is believed to have been active since March 2024. The latest analysis by AhnLab Security Intelligence Center (ASEC) sheds…
-
PureVPN Vulnerability Reveals IPv6 Address While Reconnecting to Wi-Fi
A critical security vulnerability has been discovered in PureVPN’s Linux clients that exposes users’ real IPv6 addresses during network reconnections, undermining the privacy protections that users expect from their VPN service. The vulnerability affects both the graphical user interface (GUI version 2.10.0) and command-line interface (CLI version 2.0.1) on Linux systems, specifically tested on Ubuntu…
-
Malicious PyPI Packages Deliver SilentSync RAT
IntroductionZscaler ThreatLabz regularly monitors for threats in the popular Python Package Index (PyPI), which contains open source libraries that are frequently used by many Python developers. In July 2025, a malicious Python package named termncolor was identified by ThreatLabz. Just a few weeks later, on August 4, 2025, ThreatLabz uncovered two more malicious Python packages…
-
UEFI Secure Boot for Linux Arm64 where do we stand?
Tags: linuxStill exotic for now, but moves are afoot First seen on theregister.com Jump to article: www.theregister.com/2025/09/17/uefi_secure_boot_for_linux/
-
Linux Kernel KSMBD Flaw Lets Remote Attackers Drain Server Resources
A critical vulnerability in the Linux kernel’s KSMBD implementation has been discovered that allows remote attackers to completely exhaust server connection resources through a simple denial-of-service attack. The flaw, tracked as CVE-2025-38501 and dubbed >>KSMBDrain,
-
0-Click Linux Kernel KSMBD Vulnerability Enables Remote Code Execution via N-Day Exploit
A recent vulnerability in the Linux Kernel’s KSMBD module allows an attacker to execute arbitrary code on a target system without any user interaction. KSMBD is a kernel-space SMB3 server that handles network file sharing. Researchers demonstrated a stable exploit against KSMBD in Linux 6.1.45, achieving remote code execution (RCE) with a success rate above…
-
Why Security-Minded Teams Are Turning to Hardened Linux Distributions
In conversations about operating system security, >>compliance
-
Linux CUPS Flaw Allows Remote Denial of Service and Authentication Bypass
Two critical security vulnerabilities have been discovered in the Common Unix Printing System (CUPS), a widely used printing subsystem for Unix-like operating systems. The flaws, designated as CVE-2025-58364 and CVE-2025-58060, expose Linux systems to remote denial-of-service attacks and authentication bypass, potentially affecting millions of Linux machines worldwide. CVE Severity CVSS Score Impact Affected Versions CVE-2025-58364…
-
9 unverzichtbare Open-Source-Security-Tools
Tags: attack, authentication, backdoor, blueteam, breach, ciso, cyersecurity, data-breach, encryption, incident response, intelligence, linux, mail, malware, monitoring, open-source, powershell, privacy, risk, software, sql, threat, tool, vulnerability, windowsDiese Open-Source-Tools adressieren spezifische Security-Probleme mit minimalem Footprint.Cybersicherheitsexperten verlassen sich in diversen Bereichen auf Open-Source-Lösungen nicht zuletzt weil diese im Regelfall von einer lebendigen und nutzwertigen Community gestützt werden. Aber auch weil es inzwischen Hunderte qualitativ hochwertiger, quelloffener Optionen gibt, um Breaches und Datenlecks auf allen Ebenen des Unternehmens-Stacks zu verhindern.Falls Sie nun gedanklich bereits…
-
AI Pentesting Tool ‘Villager’ Merges Kali Linux with DeepSeek AI for Automated Security Attacks
Security researchers at Straiker’s AI Research (STAR) team have uncovered Villager, an AI-native penetration testing framework developed by Chinese-based group Cyberspike that has already accumulated over 10,000 downloads within two months of its release on the official Python Package Index (PyPI). The tool combines Kali Linux toolsets with DeepSeek AI models to fully automate penetration…
-
VirtualBox 7.2.2 Update Released with Fix for Guest GUI Crashes
Oracle has released VirtualBox 7.2.2, a critical maintenance update that addresses multiple GUI crashes and stability issues affecting users across Windows, Linux, and macOS platforms. Released on September 10, 2025, this update represents a significant improvement in the virtualization software’s reliability and user experience. Critical GUI Crash Fixes Implemented The most significant improvements in VirtualBox…
-
Docker malware breaks in through exposed APIs, then changes the locks
The variant has creative twists: Setting the variant apart is its move to deny others access to the same Docker API, effectively monopolizing the attack surface. It tries to modify firewall settings (iptables, nft, firewall-cmd, etc.) via a cron job to drop or reject incoming connections to port 2375. A cron job is a scheduled…
-
ZynorRAT Exploits Windows and Linux Systems to Gain Remote Access
During a recent threat hunting exercise, the Sysdig Threat Research Team (TRT) identified a new sample dubbed ZynorRAT. This Go-based Remote Access Trojan (RAT) delivers a comprehensive suite of custom command-and-control (C2) capabilities for both Linux and Windows systems. First uploaded to VirusTotal on July 8, 2025, ZynorRAT exhibits no significant overlap with known malware…
-
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems
Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems.According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures.CHILLYHELL is the name assigned…
-
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems
Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems.According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures.CHILLYHELL is the name assigned…
-
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems
Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems.According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures.CHILLYHELL is the name assigned…
-
New Exploitation Method Discovered for Linux Kernel UseFree Vulnerability
A new exploitation method has been discovered for the Linux kernel use-after-free (UAF) vulnerability tracked as CVE-2024-50264. The vulnerability was awarded the Pwnie Award 2025 for Best Privilege Escalation due to its complexity and impact on major Linux distributions. Researchers developed innovative techniques to bypass kernel slab allocator and race condition protections, making exploitation much more feasible than…
-
New Exploitation Method Discovered for Linux Kernel UseFree Vulnerability
A new exploitation method has been discovered for the Linux kernel use-after-free (UAF) vulnerability tracked as CVE-2024-50264. The vulnerability was awarded the Pwnie Award 2025 for Best Privilege Escalation due to its complexity and impact on major Linux distributions. Researchers developed innovative techniques to bypass kernel slab allocator and race condition protections, making exploitation much more feasible than…
-
New Exploitation Method Discovered for Linux Kernel UseFree Vulnerability
A new exploitation method has been discovered for the Linux kernel use-after-free (UAF) vulnerability tracked as CVE-2024-50264. The vulnerability was awarded the Pwnie Award 2025 for Best Privilege Escalation due to its complexity and impact on major Linux distributions. Researchers developed innovative techniques to bypass kernel slab allocator and race condition protections, making exploitation much more feasible than…
-
Exploit-Analyse von Kaspersky – Die beliebtesten Windows- und Linux-Schwachstellen
First seen on security-insider.de Jump to article: www.security-insider.de/steigende-cyberangriffe-windows-linux-schwachstellen-kaspersky-warnung-a-4ffbb12393a1344c6e1b989d1a7fea68/