Tag: linux
-
Google Cloud Donates A2A Protocol to Linux Foundation for Smarter, Secure Communication
In a landmark move for the artificial intelligence industry, Google Cloud has donated its Agent2Agent (A2A) protocol to the Linux Foundation, marking a significant step toward open, secure, and interoperable communication between AI agents. The announcement was made at the Open Source Summit North America, where the Linux Foundation unveiled the formation of the Agent2Agent…
-
LapDogs Hackers Compromise 1,000 SOHO Devices Using Custom Backdoor for Stealthy Attacks
Security researchers at SecurityScorecard have uncovered a sprawling cyber-espionage campaign orchestrated by the LapDogs Operational Relay Box (ORB) Network, a sophisticated infrastructure compromising over 1,000 devices worldwide. Identified as a key tool for China-Nexus threat actors, LapDogs primarily targets Small Office/Home Office (SOHO) routers and IoT devices, particularly Linux-based systems, to facilitate covert operations. This…
-
Linux servers subjected to resurgent Prometei botnet intrusions
First seen on scworld.com Jump to article: www.scworld.com/brief/linux-servers-subjected-to-resurgent-prometei-botnet-intrusions
-
Chinese Hackers Turn Unpatched Routers Into ORB Spy Network
ShortLeash Backdoor Hijacks SOHO Linux Devices. Likely Chinese nation-state hackers are converting Internet of Things devices including Ruckus Wireless home routers into an operational relay box network – a run of infections creating more digital infrastructure almost certainly used for cyberespionage. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-hackers-turn-unpatched-routers-into-orb-spy-network-a-28784
-
LinuxFest Northwest: Barbie’s Journey A CI/CD Tale Of Transformation
Authors/Presenters: Autumn Nash (Product Manager At Microsoft, Specializing In Linux Security) Kerri-Leigh Grady (Solutions Architect At AWS) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College…
-
Linux-Based Firewall IPFire 2.29 Rolls Out Update 194 with Improved VPN Features
The highly anticipated IPFire 2.29 Core Update 194 has officially landed, delivering a significant upgrade for users of the popular Linux-based firewall. This release stands out for its much-awaited native support for the WireGuard VPN protocol, alongside a suite of improvements, security enhancements, and updated packages. WireGuard Arrives One of the headline features of […]…
-
Stealthy backdoor found hiding in SOHO devices running Linux
SecurityScorecard’s STRIKE team has uncovered a network of compromised small office and home office (SOHO) devices they’re calling LapDogs. The threat is part of a broader … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/23/lapdogs-shortleash-backdoor-linux-soho-devices/
-
LinuxFest Northwest: Project Caua: Start Your Own Business, Be Your Own Boss
Author/Presenter: Jon “maddog” Hall, (Board Chair Emeritus: Linux Professional Institute, Founder: Project Cauã, Co-Founder: Caninos Loucos, Technical Advisor: QSentinel, Executive Director: Linux® International®) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events…
-
Linux-Systeme in Gefahr: Zwei kritische Sicherheitslücken entdeckt
Sicherheitsforscher von Qualys haben eine gravierende Kombination zweier Schwachstellen entdeckt, mit der Angreifer auf vielen Linux-Systemen Root-Rechte erlangen können und das ohne besondere Privilegien. Besonders brisant: Die Lücken betreffen standardmäßig installierte Komponenten in weit verbreiteten Distributionen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/linux-systeme-in-gefahr
-
LinuxFest Northwest: The Intersectionality Of Human Psychology, Security And The Era Of AI And Misinfo
Author/Presenter: Autumn Nash (Product Manager At Microsoft, Specializing In Linux Security Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the…
-
Prometei Botnet Targets Linux Servers for Cryptocurrency Mining Operations
Unit 42 researchers from Palo Alto Networks have identified a renewed wave of attacks by the Prometei botnet, specifically targeting Linux servers, as of March 2025. Initially discovered in July 2020 with a focus on Windows systems, Prometei has since evolved, with its Linux variant gaining prominence since December 2020. Resurgence of a Persistent Threat…
-
Linux flaws chain allows Root access across major distributions
Researchers discovered two local privilege escalation flaws that could let attackers gain root access on systems running major Linux distributions. Qualys researchers discovered two local privilege escalation (LPE) vulnerabilities, an attacker can exploit them to gain root privileges on machines running major Linux distributions. The two vulnerabilities are: The first flaw (CVE-2025-6018) allows an unprivileged…
-
Amazon Linux 2023 achieves FIPS 140-3 validation
Tags: linuxAmazon Linux 2023 (AL2023) has earned FIPS 140-3 Level 1 validation for several of its cryptographic modules. This means it’s now approved for use in systems that need … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/20/amazon-linux-2023-achieves-fips-140-3-validation/
-
ClamAV 1.4.3 and 1.0.9 Released with Fixes for Critical Remote Code Execution Vulnerability
The ClamAV development team has rolled out two crucial security patch releases, versions 1.4.3 and 1.0.9, aimed at resolving significant vulnerabilities that could compromise system integrity. Alongside these patches, the team has introduced Linux aarch64 (ARM64) RPM and DEB installer packages for the 1.4 LTS release, broadening compatibility for users on ARM-based architectures. The release…
-
CISA Alerts to Active Exploits of Linux Kernel Improper Ownership Management Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert regarding active exploitation of a critical Linux kernel vulnerability, tracked as CVE-2023-0386, which has now been added to the Known Exploited Vulnerabilities (KEV) Catalog. This flaw, rooted in the OverlayFS subsystem of the Linux kernel, allows local users to escalate privileges and potentially gain…
-
CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively exploited in the wild.The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership bug in the Linux kernel that could be exploited to escalate privileges…
-
New Chaos RAT Variants Targeting Windows and Linux Systems to Steal Sensitive Data
The Acronis Threat Research Unit has identified new variants of Chaos RAT, a remote administration tool (RAT) that has evolved from an open-source project first observed in 2022 into a formidable multi-platform malware. These latest iterations of Chaos RAT are now targeting both Windows and Linux systems, showcasing an alarming level of sophistication through phishing-driven…
-
Kali Linux 2025.2 released with 13 new tools, car hacking updates
Kali Linux 2025.2, the second release of the year, is now available for download with 13 new tools and an expanded car hacking toolkit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kali-linux-20252-released-with-13-new-tools-car-hacking-updates/
-
BERT Ransomware Escalates Attacks on Linux Machines with Weaponized ELF Files
The BERT ransomware group, first detected in April 2025 but active since mid-March, has expanded its reach from targeting Windows environments to launching sophisticated attacks on Linux machines as of May 2025. Initially spotted through phishing campaigns, BERT has evolved into a formidable adversary by deploying weaponized ELF (Executable and Linkable Format) files tailored for…
-
Carsenal: Neues Kali Linux enthält Tools zum Hacken von Autos
Kali Linux 2025.2 liefert nicht nur eine optimierte Menüstruktur. Es enthält auch ein aktualisiertes Toolset, mit dem sich Fahrzeuge hacken lassen. First seen on golem.de Jump to article: www.golem.de/news/carsenal-neues-kali-linux-enthaelt-tools-zum-hacken-von-autos-2506-197164.html
-
Review: Learning Kali Linux, 2nd Edition
Kali Linux has long been the go-to operating system for penetration testers and security professionals, and Learning Kali Linux, 2nd Edition by Ric Messier aims to guide … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/16/review-learning-kali-linux-2nd-edition/
-
Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools
OffSec has released Kali Linux 2025.2, the most up-to-date version of the widely used penetration testing and digital forensics platform. KDE Plasma 6.3 in Kali Linux 2025.2 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/14/kali-linux-2025-2-released-bloodhound-ce-carsenal/
-
Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added
Kali Linux, the preferred distribution for security professionals, has launched its second major release of 2025, Kali Linux 2025.2, in June. This update introduces a restructured Kali Menu, upgraded desktop environments, 13 new tools, and significant Kali NetHunter advancements, including smartwatch Wi-Fi injection and a car hacking toolset. Here’s a concise look at the key…
-
LinuxFest Northwest: LFNW 2025: In The Beginning…
Author/Presenter: Jon “maddog” Hall (Board Chair Emeritus: Linux Professional Institute, Founder: Project Cauã, Co-Founder: Caninos Loucos, Technical Advisor: QSentinel, Executive Director: Linux® International®) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events…
-
Linux Malware Authors Targeting Cloud Environments with ELF Binaries
Unit 42, Palo Alto Networks’ threat intelligence division, has recently conducted investigations that have revealed a worrying trend: threat actors are increasingly creating and modifying Linux Executable and Linkable Format (ELF) malware to attack cloud infrastructure. With cloud adoption skyrocketing and Linux-based systems underpinning the vast majority of cloud workloads estimates suggest between 70% and…
-
Neues GenAI-Tool soll Open-Source-Sicherheit erhöhen
Tags: ai, bug, chatgpt, cvss, exploit, github, incident response, linux, LLM, open-source, tool, update, vulnerabilityEin neu entwickeltes GenAI-Tool soll helfen, Schwachstellen in großen Open-Source-Repositories zu erkennen und zu patchen.Niederländische und iranische Sicherheitsforscher haben ein neues Tool auf Basis von generativer KI (GenAI) ins Leben gerufen, das Plattformen wie ChatGPT ermöglichen soll, Bugs in Code-Repositories zu erkennen und zu patchen.Die Anwendung wurde getestet, indem GitHub nach einer bestimmten Schwachstelle durch…
-
Multiple Chrome Flaws Enable Remote Code Execution by Attackers
Google Chrome’s Stable channel is being updated to version 137.0.7151.103 for Windows and Mac, with Linux receiving version 137.0.7151.103 as well. The rollout will take place gradually over the coming days and weeks, ensuring smooth deployment and minimal disruption for users. The official changelog provides a detailed breakdown of all modifications and enhancements included in…
-
Apple tries to contain itself with lightweight Linux VMs for macOS
Swift-based containerization framework aims to improve performance and security First seen on theregister.com Jump to article: www.theregister.com/2025/06/10/apple_tries_to_contain_itself/
-
Linux Foundation unveils decentralized WordPress plugin manager
A collective of former WordPress developers and contributors backed by the Linux Foundation has launched the FAIR Package Manager, a new and independent distribution system for trusted WordPress plugins and themes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/technology/linux-foundation-unveils-decentralized-wordpress-plugin-manager/