Tag: linux
-
RingReaper: New Linux EDR Evasion Tool Exploits io_uring Kernel Feature
A new tool named RingReaper is raising eyebrows among defenders and red teamers alike. By leveraging the legitimate, high-performance Linux kernel feature known as io_uring, RingReaper demonstrates how advanced attackers can sidestep even modern Endpoint Detection and Response (EDR) systems. The Rise of io_uring in Offensive Security: Introduced in Linux kernel 5.1, io_uring was designed to provide…
-
Linux Boot Vulnerability Lets Attackers Bypass Secure Boot Protections
A newly highlighted vulnerability in the Linux boot process exposes a critical weakness in the security posture of many modern distributions. Despite widespread adoption of Secure Boot, full-disk encryption, and bootloader passwords, attackers can still bypass these defenses by exploiting the Initial RAM Filesystem (initramfs) debug shell, a loophole often overlooked in hardening guides, as…
-
PoC Released for Linux Privilege Escalation Flaw in udisksd and libblockdev
Security researchers disclosed a critical local privilege escalation (LPE) vulnerability affecting Fedora, SUSE, and other major Linux distributions. The flaw, tracked as CVE-2025-6019, resides in the interaction between the udisksd daemon and its backend library, libblockdev. A proof-of-concept (PoC) exploit has been released, demonstrating how a user in the allow_active group can escalate privileges to root with minimal effort in certain…
-
Sudo – Popular Linux Tool with Critical Vulnerability
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecke-cve-2025-32463-unix-linux-werkzeug-sudo-a-f8deff0dda4422a2deaa2ca3a40e3f16/
-
APT36 Unleashes Linux Malware: Transparent Tribe Targets Indian Government with Go-Based Espionage Tools
The post APT36 Unleashes Linux Malware: Transparent Tribe Targets Indian Government with Go-Based Espionage Tools appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/apt36-unleashes-linux-malware-transparent-tribe-targets-indian-government-with-go-based-espionage-tools/
-
Critical Sudo bugs expose major Linux distros to local Root exploits
Critical Sudo flaws let local users gain root access on Linux systems; the vulnerabilities affect major Linux distributions. Cybersecurity researchers disclosed two vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems. Local attackers can exploit the vulnerabilities to escalate privileges to root on affected systems. Sudo (short for "superuser do
-
Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros
Cybersecurity researchers have disclosed two security flaws in the Sudo command-line utility for Linux and Unix-like operating systems that could enable local attackers to escalate their privileges to root on susceptible machines. A brief description of the vulnerabilities is below: CVE-2025-32462 (CVSS score: 2.8) – Sudo before 1.9.17p1, when used with a sudoers file that specifies…
-
Kali GPT - AI Assistant That Transforms Penetration Testing on Kali Linux
First seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/kali-gpt-ai-assistant-that-transforms-penetration-testing-on-kali-linux/
-
12-Year-Old Sudo Vulnerability Exposes Linux Systems to Root Privilege Escalation
A newly disclosed vulnerability in the Sudo command-line tool, present for over 12 years, has exposed countless Linux and Unix-like systems to the risk of local privilege escalation, allowing attackers to gain root access without sophisticated exploits. The flaw, tracked as CVE-2025-32462, was discovered by the Stratascale Cyber Research Unit (CRU) and affects both stable…
-
Linus Torvalds hints Bcachefs may get dropped from the Linux kernel
Tags: linux
Kernel 6.16 may be the last with the new disk format. First seen on theregister.com Jump to article: www.theregister.com/2025/07/01/bcachefs_may_get_dropped/
-
Linux Users Urged to Patch Critical Sudo CVE
Two elevation of privilege vulnerabilities have been discovered on the popular Sudo utility, affecting 30-50 million endpoints in the US alone. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/linux-users-urged-to-patch/
-
Hackers Target Linux SSH Servers to Deploy TinyProxy and Sing-Box Proxy Tools
Tags: credentials, cyber, exploit, hacker, intelligence, linux, malicious, monitoring, strategy, tool, vulnerability
Hackers are exploiting poorly managed Linux servers, particularly those with weak SSH credentials, to install proxy tools such as TinyProxy and Sing-box. The AhnLab Security Intelligence Center (ASEC) has been closely monitoring these intrusions through honeypots mimicking vulnerable SSH services. Their findings reveal a sophisticated strategy where attackers repurpose legitimate tools for malicious intent, transforming…
-
Critical Vulnerability CVE-2025-32463 in sudo Endangers Linux Systems
Due to a vulnerability rated critical, CVE-2025-32463, the sudo command in Linux allows local privilege escalation. The cause is improper handling of /etc/nsswitch.conf, which lets a user obtain root privileges. The topic came to my attention, for one, through a comment by Norddeutsch in the discussion area of the … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/01/kritische-schwachstelle-cve-2025-32463-in-sudo-gefaehrdet-linux-systeme/
-
Ghost in the Machine: A Spy’s Digital Lifeline
Tags: access, ai, attack, authentication, best-practice, cloud, communications, control, country, crypto, cyber, data, encryption, endpoint, framework, government, Hardware, identity, infrastructure, intelligence, jobs, law, linux, mfa, military, network, resilience, risk, software, spy, strategy, technology, threat, tool, vpn, windows, zero-trust
-
Chinese Hackers Have Infected More Than 1,000 SOHO Devices
Tags: backdoor, china, cisco, cyberattack, cybercrime, cyberespionage, hacker, iot, linux, malware, office, usa, vulnerability, windows
Dozens of cybercrime campaigns focused on Asia and the USA were disguised as alleged LAPD operations. Cybersecurity experts have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices. According to the experts, the devices were used to enable a prolonged cyber-espionage infrastructure campaign for Chinese hacker groups. SecurityScorecard's STRIKE team discovered the associated Operational Relay Box (ORB) network and gave it…
-
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)
If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now, to patch two local privilege escalation vulnerabilities (CVE-2025-32462, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/01/sudo-local-privilege-escalation-vulnerabilities-fixed-cve-2025-32462-cve-2025-32463/
-
Linux 6.16-rc4 Launches Out With Filesystem, Driver, and Hardware Fixes
Linus Torvalds has officially announced the release of Linux 6.16-rc4, marking the halfway point in the development cycle for the upcoming 6.16 kernel. Despite a notably large merge window, Torvalds described the release candidate process as “fairly calm,” signaling a smooth path toward the anticipated stable release in late July or early August. Balanced Focus Across…
-
Root Access for Everyone: Critical Sudo Flaw Endangers Countless Linux Systems
Researchers have discovered a dangerous security vulnerability in the command-line tool Sudo. Attackers can gain root privileges with little effort. First seen on golem.de Jump to article: www.golem.de/news/root-zugriff-fuer-alle-kritische-sudo-luecke-gefaehrdet-unzaehlige-linux-systeme-2507-197635.html
-
Chrome 0-Day Flaw Exploited in the Wild to Execute Arbitrary Code
Google has issued an urgent security update for its Chrome browser, addressing a critical zero-day vulnerability that is being actively exploited by attackers. The flaw, tracked as CVE-2025-6554, is a type confusion vulnerability in Chrome’s V8 JavaScript engine, which underpins the browser’s ability to process web content across Windows, macOS, and Linux platforms. The vulnerability was discovered by…
-
Week in review: Backdoor found in SOHO devices running Linux, high-risk WinRAR RCE flaw patched
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Stealthy backdoor found hiding in SOHO devices running Linux … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/29/week-in-review-backdoor-found-in-soho-devices-running-linux-high-risk-winrar-rce-flaw-patched/
-
Threat Actors Exploit Windows and Linux Server Vulnerabilities to Deploy Web Shells
Threat actors have been observed exploiting file upload vulnerabilities to deploy web shells and advanced malware on both Windows and Linux systems. The campaign, which showcases a blend of publicly available tools and custom malicious payloads, indicates a highly coordinated effort to compromise organizational networks through initial access, persistence, and lateral movement. Sophisticated Attack Campaign…
-
Qualys TRU Identifies LPE Chain with Root Access – Critical Weaknesses Put Linux Systems at Risk
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-schwaechen-bringen-linux-systeme-in-gefahr-a-1e9c5e73c560ec52307bad434dca8d4f/
-
French city of Lyon ditching Microsoft for open source office and collab tools
Ingredients of future software salade Lyonnaise will include Linux, PostgreSQL, and OnlyOffice. First seen on theregister.com Jump to article: www.theregister.com/2025/06/26/lyon_leaving_microsoft/
-
LinuxFest Northwest: My Journey Using Linux From Scratch And Why You Should Try It Too
Author/Presenter: Nathaniel Smith (Bellevue College, Baccalaureate Program Undergraduate In Computer Science) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the…
-
LinuxFest Northwest: Securing Your Web Server
Author/Presenter: Ted Matsumura (Board Director, Linux Professional Institute) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organization’s YouTube channel.…
-
Chrome Releases Security Patch for 11 Code Execution Vulnerabilities
The Chrome team has announced the rollout of a critical security update for its popular web browser, Chrome, addressing 11 code execution vulnerabilities that could potentially put millions of users at risk. The update, Chrome 138.0.7204.49 for Linux and 138.0.7204.49/50 for Windows and Mac, is now being distributed through the stable channel and will reach…
-
Prometei botnet activity has surged since March 2025
Prometei botnet activity has surged since March 2025, with a new malware variant spreading rapidly, Palo Alto Networks reports. Palo Alto Networks warns of a spike in Prometei botnet activity since March 2025; the researchers observed a new variant spreading rapidly. Since March 2025, the Prometei botnet has been targeting Linux systems for Monero mining and credential…
-
Google Cloud donates A2A AI protocol to the Linux Foundation
Google Cloud has donated its Agent2Agent (A2A) protocol to the Linux Foundation, which has now announced a new community-driven project called the Agent2Agent Project. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/artificial-intelligence/google-cloud-donates-a2a-ai-protocol-to-the-linux-foundation/

