Tag: linux
-
Ransomware Threat Grows as Attackers Move Into VMware and Linux
Linux has been the reliable backbone of business infrastructure for many years; it powers 96% of the top million web servers worldwide and more than 80% of workloads in public clouds. Its reputation for reliability and inherent security has long shielded it from the intense scrutiny faced by Windows environments. However, this era of relative…
-
PoC Released for High-Severity Git CLI Vulnerability Allowing Arbitrary File Writes
A critical vulnerability in Git’s command-line interface has been disclosed with public proof-of-concept exploits available, allowing arbitrary file writes and remote code execution on Linux and macOS systems. CVE-2025-48384 affects Git installations usinggit clone recursiveon weaponized repositories, exploiting improper handling of carriage return characters in.gitmodulesfiles to bypass security controls. Field Details CVE ID CVE-2025-48384 CVSS…
-
BERT Ransomware Can Force Shutdown of ESXi Virtual Machines to Hinder Recovery
A newly identified ransomware group, BERT, tracked by Trend Micro as Water Pombero, has emerged as a significant threat to organizations across Asia, Europe, and the US. First observed in April, BERT targets critical sectors such as healthcare, technology, and event services, employing a dual-platform approach to infect both Windows and Linux systems. Threat Targeting…
-
New Bert Ransomware Evolves With Multiple Variants
An emerging ransomware group that calls itself Bert is quickly evolving after hitting the cybercrime scene in April, targeting both Windows and Linux systems used by organizations in the health care, tech, and other industries in the United States, Europe, and Asia. It may be a Russian group whose malware evolved from REvil code. First…
-
How a 12-year-old bug in Sudo is still haunting Linux users
Sudo is trusting the wrong host: CVE-2025-32462, which remained unnoticed for over 12 years, requires a specific, but common configuration of restricting Sudo rules to certain hostnames or hostname patterns.According to the researchers, the sudoers file uses flexible syntax to suit any organization size, allowing a single configuration to work across Linux and UNIX systems…
-
Pakistan’s Transparent Tribe Hits Indian Defence with Linux Malware
Pakistan’s APT36 Transparent Tribe uses phishing and Linux malware to target Indian defence systems running BOSS Linux says Cyfirma. First seen on hackread.com Jump to article: hackread.com/pakistan-transparent-tribe-indian-defence-linux-malware/
-
Bert Blitzes Linux & Windows Systems
The new ransomware strain’s aggressive multithreading and cross-platform capabilities make it a potent threat to enterprise environments. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/bert-blitzes-linux-windows-systems
-
Inside the ZIP Trap: How APT36 Targets BOSS Linux to Exfiltrate Critical Data
CYFIRMA has uncovered a highly sophisticated cyber-espionage campaign orchestrated by APT36, also known as Transparent Tribe, a Pakistan-based threat actor with a notorious history of targeting Indian defense and government sectors. This latest operation marks a significant shift in tactics, as APT36 adapts its arsenal to infiltrate Linux-based environments, specifically focusing on BOSS Linux, a…
-
RingReaper: New Linux EDR Evasion Tool Exploits io_uring Kernel Feature
A new tool named RingReaper is raising eyebrows among defenders and red teamers alike. By leveraging the legitimate, high-performance Linux kernel feature known as io_uring, RingReaper demonstrates how advanced attackers can sidestep even modern Endpoint Detection and Response (EDR) systems. The Rise of io_uring in Offensive Security Introduced in Linux kernel 5.1, io_uring was designed to provide…
-
Linux Boot Vulnerability Lets Attackers Bypass Secure Boot Protections
A newly highlighted vulnerability in the Linux boot process exposes a critical weakness in the security posture of many modern distributions. Despite widespread adoption of Secure Boot, full-disk encryption, and bootloader passwords, attackers can still bypass these defenses by exploiting the Initial RAM Filesystem (initramfs) debug shell”, a loophole often overlooked in hardening guides, as…
-
PoC Released for Linux Privilege Escalation Flaw in udisksd and libblockdev
Security researchers disclosed a critical local privilege escalation (LPE) vulnerability affecting Fedora, SUSE, and other major Linux distributions. The flaw, tracked asCVE-2025-6019, resides in the interaction between theudisksddaemon and its backend library,libblockdev. A proof-of-concept (PoC) exploit has been released, demonstrating how a user in the allow_active group can escalate privileges to root with minimal effort in certain…
-
Sudo – Beliebtes Linux-Tool mit kritischer Schwachstelle
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecke-cve-2025-32463-unix-linux-werkzeug-sudo-a-f8deff0dda4422a2deaa2ca3a40e3f16/
-
APT36 Unleashes Linux Malware: Transparent Tribe Targets Indian Government with Go-Based Espionage Tools
The post APT36 Unleashes Linux Malware: Transparent Tribe Targets Indian Government with Go-Based Espionage Tools appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/apt36-unleashes-linux-malware-transparent-tribe-targets-indian-government-with-go-based-espionage-tools/
-
Critical Sudo bugs expose major Linux distros to local Root exploits
Critical Sudo flaws let local users gain root access on Linux systems, the vulnerabilities affect major Linux distributions. Cybersecurity researchers disclosed two vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems. Local attackers can exploit the vulnerabilities to escalate privileges to root on affected systems. Sudo (short for >>superuser do
-
Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros
Cybersecurity researchers have disclosed two security flaws in the Sudo command-line utility for Linux and Unix-like operating systems that could enable local attackers to escalate their privileges to root on susceptible machines.A brief description of the vulnerabilities is below -CVE-2025-32462 (CVSS score: 2.8) – Sudo before 1.9.17p1, when used with a sudoers file that specifies…
-
Kali GPT- AI Assistant That Transforms Penetration Testing on Kali Linux
First seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/kali-gpt-ai-assistant-that-transforms-penetration-testing-on-kali-linux/
-
12-Year-Old Sudo Vulnerability Exposes Linux Systems to Root Privilege Escalation
A newly disclosed vulnerability in the Sudo command-line tool, present for over 12 years, has exposed countless Linux and Unix-like systems to the risk of local privilege escalation, allowing attackers to gain root access without sophisticated exploits. The flaw, tracked as CVE-2025-32462, was discovered by the Stratascale Cyber Research Unit (CRU) and affects both stable…
-
Linus Torvalds hints Bcachefs may get dropped from the Linux kernel
Tags: linuxKernel 6.16 may be the last with the new disk format First seen on theregister.com Jump to article: www.theregister.com/2025/07/01/bcachefs_may_get_dropped/
-
Linux Users Urged to Patch Critical Sudo CVE
Two elevation of privilege vulnerabilities have been discovered on the popular Sudo utility, affecting 30-50 million endpoints in the US alone First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/linux-users-urged-to-patch/
-
Hackers Target Linux SSH Servers to Deploy TinyProxy and Sing-Box Proxy Tools
Tags: credentials, cyber, exploit, hacker, intelligence, linux, malicious, monitoring, strategy, tool, vulnerabilityHackers are exploiting poorly managed Linux servers, particularly those with weak SSH credentials, to install proxy tools such as TinyProxy and Sing-box. The AhnLab Security Intelligence Center (ASEC) has been closely monitoring these intrusions through honeypots mimicking vulnerable SSH services. Their findings reveal a sophisticated strategy where attackers repurpose legitimate tools for malicious intent, transforming…
-
Kritische Schwachstelle CVE-2025-32463 in sudo gefährdet Linux-Systeme
Der sudo-Befehl in Linux erlaubt wegen einer als kritisch eingestuften Schwachstelle CVE-2025-32463 eine lokale Privilegien-Eskalation. Hintergrund ist eine unsaubere Behandlung von /etc/nsswitch.conf, so dass man root-Rechte bekommt. Das Thema ist mir einmal durch einen Kommentar von Norddeutsch im Diskussionsbereich des … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/01/kritische-schwachstelle-cve-2025-32463-in-sudo-gefaehrdet-linux-systeme/
-
Ghost in the Machine: A Spy’s Digital Lifeline
Tags: access, ai, attack, authentication, best-practice, cloud, communications, control, country, crypto, cyber, data, encryption, endpoint, framework, government, Hardware, identity, infrastructure, intelligence, jobs, law, linux, mfa, military, network, resilience, risk, software, spy, strategy, technology, threat, tool, vpn, windows, zero-trust -
Chinesische Hacker haben über 1.000 SOHO-Geräte infiziert
Tags: backdoor, china, cisco, cyberattack, cybercrime, cyberespionage, hacker, iot, linux, malware, office, usa, vulnerability, windowsDutzende Cybercrime-Kampagnen mit Fokus auf Asien und die USA wurden als angebliche LAPD-Aktionen getarnt.Cybersecurity-Experten haben ein Netzwerk von mehr als 1.000 kompromittierten Small-Office- und Home-Office-Geräten (SOHO) entdeckt. Die Devices wurden laut den Experten dazu genutzt, eine langwierige Cyberspionage-Infrastrukturkampagne für chinesische Hacker-Gruppen zu ermöglichen. Das Strike-Team von SecurityScorecard entdeckte das dazugehörige Operational-Relay-Box (ORB)-Netzwerk und gab ihm…
-
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)
If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now, to patch two local privilege escalation vulnerabilities (CVE-2025-32462, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/01/sudo-local-privilege-escalation-vulnerabilities-fixed-cve-2025-32462-cve-2025-32463/
-
Linux 6.16-rc4 Launches Out With Filesystem, Driver, and Hardware Fixes
Linus Torvalds has officially announced the release ofLinux 6.16-rc4, marking the halfway point in the development cycle for the upcoming 6.16 kernel. Despite a notably large merge window, Torvalds described the release candidate process as “fairly calm,” signaling a smooth path toward the anticipated stable release in late July or early August. Balanced Focus Across…
-
Root-Zugriff für alle: Kritische Sudo-Lücke gefährdet unzählige Linux-Systeme
Forscher haben eine gefährliche Sicherheitslücke im Kommandozeilentool Sudo entdeckt. Angreifer können mit wenig Aufwand Root-Rechte erlangen. First seen on golem.de Jump to article: www.golem.de/news/root-zugriff-fuer-alle-kritische-sudo-luecke-gefaehrdet-unzaehlige-linux-systeme-2507-197635.html
-
Chrome 0-Day Flaw Exploited in the Wild to Execute Arbitrary Code
Google has issued an urgent security update for its Chrome browser, addressing a critical zero-day vulnerability that is being actively exploited by attackers. The flaw, tracked asCVE-2025-6554, is atype confusionvulnerability in Chrome’s V8 JavaScript engine, which underpins the browser’s ability to process web content across Windows, macOS, and Linux platforms. The vulnerability was discovered by…