Tag: linux
-
New Tor Oniux tool anonymizes any Linux app’s network traffic
Tor has announced Oniux, a new command-line tool for routing any Linux application securely through the Tor network for anonymized network connections. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-tor-oniux-tool-anonymizes-any-linux-apps-network-traffic/
-
New Linux Vulnerabilities Surge 967% in a Year
Researchers discovered over 3000 Linux vulnerabilities in 2024, the most of any category. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-linux-vulnerabilities-surge/
-
After 9 months: Microsoft finally fixes dual-boot broken by a patch
Microsoft took nine months to fix a bug that left numerous dual-boot Linux systems unable to start last year. First seen on golem.de Jump to article: www.golem.de/news/nach-9-monaten-microsoft-fixt-endlich-kaputt-gepatchtes-dual-boot-2505-196238.html
-
Microsoft fixes Linux boot issues on dual-boot Windows systems
Microsoft has fixed a known issue preventing Linux from booting on dual-boot systems with Secure Boot enabled after installing the August 2024 Windows security updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-linux-boot-issues-on-dual-boot-windows-systems/
-
Google Threat Intelligence Releases Actionable Threat Hunting Technique for Malicious .desktop Files
Google Threat Intelligence has unveiled a series of sophisticated threat hunting techniques to detect malicious .desktop files, a novel attack vector leveraged by threat actors to compromise systems. Initially documented by Zscaler researchers in 2023, this technique involves the abuse of .desktop files, plain text configuration files used to define application launch behavior in Linux desktop…
-
Nobara Linux 42 brings performance boost and better hardware support
The Nobara Project has released a new version of its Linux distribution, bringing updated packages, performance improvements, and a few visual tweaks aimed at making life … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/14/nobara-linux-42-released/
-
New ClickFix attacks seek to compromise Windows, Linux systems
First seen on scworld.com Jump to article: www.scworld.com/brief/new-clickfix-attacks-seek-to-compromise-windows-linux-systems
-
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
Executive Summary: EclecticIQ analysts assess with high confidence that, in April 2025, China-nexus nation-state APTs (advanced persistent threats) launched high-tempo exploitation campaigns against critical infrastructure networks by targeting SAP NetWeaver Visual Composer. Actors leveraged CVE-2025-31324 [1], an unauthenticated file upload vulnerability that enables remote code execution (RCE). This assessment is based on a publicly…
-
Linus Torvalds goes back to a mechanical keyboard after making too many typos
Linux 6.15 is coming along nicely too, unless autocorrect messes things up. First seen on theregister.com Jump to article: www.theregister.com/2025/05/13/linux_6_15_rc6_keyboards/
-
Microsoft Defender for Business Server – Malware protection for Windows and Linux servers
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-defender-business-server-malwareschutz-kmu-a-3580f6c82997dd284a31b4e1842dcc7e/
-
Open Source Linux Firewall IPFire 2.29 Core Update 194 Released: What’s New!
IPFire, the powerful open-source firewall, has unveiled its latest release, IPFire 2.29 Core Update 194, packed with security enhancements, performance improvements, and new features to safeguard networks of all sizes. Renowned for its robust feature set, IPFire continues to deliver a secure, high-performance platform focused on usability and reliability. It’s been a month since […]…
-
CVE-2024-26809: Critical nftables Vulnerability in Linux Kernel Could Lead to Root Access
A critical security flaw has been discovered in the Linux kernel’s nftables subsystem, which is responsible for packet filtering in modern Linux distributions. This flaw, a double-free vulnerability, allows local attackers to escalate their privileges and execute arbitrary code. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2024-26809-nftables-vulnerability/
-
PoC Code Published for Linux nftables Security Vulnerability
Security researchers have published proof-of-concept (PoC) exploit code for CVE-2024-26809, a high-severity double-free vulnerability in Linux’s nftables firewall subsystem. The flaw allows local attackers to escalate privileges and execute arbitrary code, posing significant risks to unpatched systems. Technical Breakdown of CVE-2024-26809: nftables, the modern replacement for legacy iptables, manages network packet filtering through components like tables, sets, and rules.…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 45
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: iClicker site hack targeted students with malware via fake CAPTCHA; New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms; Backdoor found in popular ecommerce components; Stealthy Linux backdoor leveraging residential proxies and NHAS reverse SSH…
-
North Korea’s OtterCookie Malware Added a New Feature to Attack Windows, Linux, and macOS
A North Korea-linked attack group, known as WaterPlum (also referred to as Famous Chollima or PurpleBravo), has been actively targeting financial institutions, cryptocurrency operators, and FinTech companies globally. Since 2023, their infamous Contagious Interview campaign has utilized malware such as BeaverTail and InvisibleFerret to infiltrate systems. However, in September 2024, WaterPlum introduced a sophisticated new…
-
openSUSE deep sixes Deepin desktop over security stink
Linux giant finds Chinese environment to be perilous beneath pretty exterior. First seen on theregister.com Jump to article: www.theregister.com/2025/05/09/opensuse_ditches_deepin/
-
Hackers Exploit PDF Invoices to Target Windows, Linux, and macOS Systems
A recent discovery by the FortiMail Incident Response team has revealed a highly sophisticated email campaign targeting organizations in Spain, Italy, and Portugal. This attack distributes a potent Remote Access Trojan (RAT) known as RATty, primarily affecting Windows systems, but also posing a threat to Linux and macOS environments where the Java Runtime Environment (JRE)…
-
Fedora Linux Joins the Windows Subsystem for Linux Officially
Fedora Project has announced the official availability of Fedora Linux on the Windows Subsystem for Linux (WSL), marking a significant expansion of Fedora’s ecosystem. Starting with Fedora 42, users can now seamlessly integrate Fedora’s cutting-edge tools and development environment directly into Windows via WSL’s tar-based architecture. This integration empowers developers and enthusiasts to leverage Fedora’s…
-
Azure Storage Utility Vulnerability Allows Privilege Escalation to Root Access
A critical vulnerability discovered by Varonis Threat Labs has exposed users of Microsoft Azure’s AI and High-Performance Computing (HPC) workloads to a potential privilege escalation attack. The flaw, found in a utility pre-installed on select Azure Linux virtual machines, made it possible for an unprivileged local user to gain root access, a severe breach of the…
-
IXON VPN Client Vulnerability Allows Privilege Escalation for Attackers
A critical security vulnerability in IXON’s widely used VPN client has exposed Windows, Linux, and macOS systems to local privilege escalation attacks, enabling non-privileged users to gain root or SYSTEM-level access. Designated as CVE-2025-26168 and CVE-2025-26169, these flaws affect versions 1.4.3 and earlier of the software, posing severe risks to industrial, enterprise, and managed service…
-
Interrupt: Strong Flipper competitor comes with Linux and keyboard
Versatile interfaces, Linux, a color display and an integrated keyboard make Interrupt a serious competitor to the Flipper Zero. First seen on golem.de Jump to article: www.golem.de/news/interrupt-starker-flipper-zero-konkurrent-kommt-mit-linux-und-tastatur-2505-196028.html
-
Commodore OS 3 is the loudest Linux yet
One distro has to be the most extra and here it is. First seen on theregister.com Jump to article: www.theregister.com/2025/05/06/commodore_os_3/
-
BPFDoor Malware Targets Organizations to Establish Long-Term Persistence
The BPFDoor malware has emerged as a significant threat targeting domestic and international organizations, particularly in the telecommunications sector. First identified by PwC in 2021, BPFDoor is a highly sophisticated backdoor malware designed to infiltrate Linux systems with an emphasis on long-term persistence and evasion. On April 25, 2025, the Korea Internet & Security Agency…
-
Microsoft Resolves Group Policy Issue Blocking Windows 11 24H2 Installation
Microsoft has resolved a critical enterprise-focused bug that blocked organizations from deploying Windows 11 24H2 through Windows Server Update Services (WSUS), alongside addressing a separate dual-boot Linux compatibility issue tied to older security updates. These fixes come as part of broader efforts to stabilize the 2024 Update rollout, which introduces AI-driven Copilot+ PC features and…
-
Linux wiper malware hidden in malicious Go modules on GitHub
A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/linux-wiper-malware-hidden-in-malicious-go-modules-on-github/
-
New ClickFix Attack Imitates Ministry of Defence Website to Target Windows and Linux Systems
A newly identified cyberattack campaign has surfaced, leveraging the recognizable branding of India’s Ministry of Defence to distribute cross-platform malware targeting both Windows and Linux systems. Uncovered by threat intelligence researchers at Hunt.io, this operation employs a ClickFix-style infection chain, mimicking official government press release portals to lure unsuspecting users into executing malicious payloads. The…
-
Linux disk-wiping malware spread via Go modules
First seen on scworld.com Jump to article: www.scworld.com/brief/linux-disk-wiping-malware-spread-via-go-modules
-
Malicious Go Modules Discovered Wiping Linux Systems in New Supply Chain Attack
Cybersecurity firm Socket has recently uncovered a set of malicious Go modules capable of delivering a destructive disk-wiping payload. The campaign specifically targets Linux systems by exploiting Go’s decentralized module system, putting countless development environments at risk. How Does the… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/malicious-go-modules-linux-supply-chain-attack/
-
Malicious Go Modules designed to wipe Linux systems
Researchers found 3 malicious Go modules with hidden code that can download payloads to wipe a Linux system’s main disk, making it unbootable. The malicious modules contain obfuscated code to fetch next-stage payloads that can wipe a Linux system’s primary disk and make it unbootable. Socket’s Threat Research Team uncovered a stealthy and highly destructive…

