Tag: linux
-
⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More
Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some “patched-ish” thing already getting chewed on in the wild, and then the usual bonus round: poisoned dev tools, sketchy forum chatter, phishing kits pretending to be productivity, and AI lowering the bar for people who already thought…
-
Critical Plesk Vulnerability Lets Users Execute Server Commands
A newly disclosed critical vulnerability in Plesk is raising serious security concerns after researchers confirmed that low-privileged users can execute arbitrary commands on affected servers. Tracked as CVE-2026-44962, the vulnerability affects Plesk for Linux and is linked to improper input handling in the APS Application Catalog search functionality. The issue was published in the GitHub…
-
CIFSwitch: AI Agents Find 19-Year-Old Root Vulnerability in the Linux Kernel
Attackers can obtain root privileges on many Linux systems. The main cause is a kernel bug introduced almost two decades ago. First seen on golem.de Jump to article: www.golem.de/news/cifswitch-ki-agenten-finden-19-jahre-alte-root-luecke-im-linux-kernel-2606-209261.html
-
CIFSwitch, a Linux Root Bug Hidden in Plain Sight for 19 Years
CIFSwitch is a 19-year-old Linux logic bug turning forged CIFS auth keys into root. Affects Mint, CentOS, Rocky, Kali, SLES. CIFSwitch stands apart from typical privilege escalation vulnerabilities because of how it was discovered. Asim Manizada, a security engineer at SpaceX, didn’t find it by auditing source code the old-fashioned way. He built an AI-powered…
-
DNS-AID lets AI agents find and verify each other through DNS
AI agents run across many platforms, and each one needs a way to locate and confirm the identity of the others it works with. The Linux Foundation’s DNS-AID project … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/01/dns-aid-ai-agent-discovery-dns/
-
New CIFSwitch Linux flaw gives root on multiple distributions
A newly discovered local privilege escalation vulnerability dubbed ‘CIFSwitch’ in the Linux kernel could allow attackers to forge CIFS authentication key descriptions, abuse the kernel’s key request mechanism, and gain root privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-cifswitch-linux-flaw-gives-root-on-multiple-distributions/
-
Quasar RAT Hits Developers With Fileless Linux Attacks
Quasar Linux (QLNX) is a new, stealthy Linux Remote Access Trojan that quietly turns developer and DevOps workstations into high-value beachheads for software supply-chain attacks, using fileless execution, an eBPF rootkit, PAM backdoors, and a P2P C2 mesh to evade conventional defenses. Despite its name, it is unrelated to the Windows-focused QuasarRAT family. It is…
-
China-Linked Hackers Hit SEA Edge Routers With Custom Linux Implant
China-linked hackers are conducting a stealthy infrastructure-centric espionage campaign across Southeast Asia by compromising Linux-based edge routers with a custom ELF implant and pairing it with a cracked Cobalt Strike Beacon on Windows systems for unified command-and-control over entire networks. The operation enables full visibility into, and manipulation of, downstream traffic while largely bypassing traditional…
-
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent the week checking old boxes and forgotten servers they should’ve patched years ago. Good times. Phishing crews are getting smarter too – less obvious…
-
Hackers Hide Linux Malware in SSH-Like Package Filename
Hackers have been observed disguising a malicious Linux payload under an SSH-like filename during software installation, as part of a coordinated supply chain attack targeting developer ecosystems. The attack hinges on a hidden post-install script embedded inside package.json, rather than the expected composer.json used in PHP environments. This subtle placement allows the malicious code to evade detection during routine dependency…
-
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
A new “coordinated” supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a Linux binary retrieved from a GitHub Releases URL. “Although the affected packages were all Composer packages, the malicious code was not added to composer.json,” Socket said. “Instead, it was inserted into package.json, targeting projects that ship…
-
Linux Kernel Vulnerability Allows Access to Sensitive Root Data
Security researchers at the Qualys Threat Research Unit (TRU) have identified CVE-2026-46333, a vulnerability in the Linux kernel that, under certain conditions, allows the disclosure of sensitive information from privileged processes. The vulnerability is located in the kernel's so-called ptrace access path and can be exploited by locally logged-in users without administrative privileges. According to the researchers' findings, it is a race condition…
-
Qualys Discovers Linux Kernel Vulnerability with Risk to Sensitive Data
The discovery of CVE-2026-46333 underscores once again that even modern Linux infrastructures are not immune to critical kernel vulnerabilities. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/qualys-entdeckt-schwachstelle-im-linux-kernel-mit-risiko-fuer-sensible-daten/a45282/
-
New Linux malware ‘Showboat’ targets Middle East telecom provider
First seen on scworld.com Jump to article: www.scworld.com/brief/new-linux-malware-showboat-targets-middle-east-telecom-provider
-
New Telecom Espionage Campaign Tied to China
Researchers Trace Linux and Windows Toolsets to Suspected PRC Espionage Activity. Newly discovered malware tied to China-linked actors breached telecom providers across Asia and the Middle East, highlighting growing efforts to gain persistent access into interconnected communications infrastructure. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/new-telecom-espionage-campaign-tied-to-china-a-31763
-
User-Agent: Bahn.de Sometimes Refuses Connection Lookups on Linux
Anyone searching for connections on bahn.de under Linux may fail with error 751. Deutsche Bahn points to protection systems against bots. First seen on golem.de Jump to article: www.golem.de/news/user-agent-bahn-de-verweigert-unter-linux-teils-die-verbindungsauskunft-2605-208954.html
-
Flipper Introduces Flipper One as a Modular Linux-Based Cyberdeck
Flipper Devices has officially unveiled Flipper One, a modular, Linux-based cyberdeck designed to push the boundaries of open hardware and portable network analysis platforms. Unlike the popular Flipper Zero, the new device targets high-performance networking, software-defined radio (SDR), and embedded Linux development, positioning itself as a powerful toolkit for cybersecurity professionals, researchers, and hardware developers. Flipper…
-
Breach Roundup: Shai-Hulud Copycat Hits npm
Also, YellowKey Gets CVE, 7-Eleven Breach, Linux Maintainers Warn on AI Bug Spam. This week, more incidents than we can list here. Among them: cloned Shai-Hulud malware, a new maximum CVSS Cisco flaw. Edge to stop loading passwords in plaintext. Tycoon 2FA offers a way around Microsoft multifactor. Convenience, taquitos and data breach: The 7-Eleven…
-
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a campaign targeting a telecommunications provider in the Middle East since at least mid-2022. “Showboat is a modular post-exploitation framework designed for Linux systems, capable of spawning a remote shell, transferring files, and functioning as a SOCKS5…
-
AI-Generated Bug Reports Clog Security Mailing List
First seen on t3n.de Jump to article: t3n.de/news/linux-ki-security-mailing-liste-1743124/
-
Chinese hackers target telcos with new Linux, Windows malware
A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-target-telcos-with-new-linux-windows-malware/
-
Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks
Showboat doesn’t show off, but clearly it doesn’t need to, as it’s long helped China spy on small market communications providers. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/chinese-apts-linux-backdoor-telco-attacks
-
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
This week starts small. A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. They are using the parts we already trust. That is what makes it worrying. The danger…
-
Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes
Qualys finds nine-year-old Linux ptrace flaw exposing SSH keys and password hashes locally. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/linux-kernel-ptrace-flaw-ssh-keys/
-
Flipper One project needs community help to build open Linux platform
Flipper Devices, the maker of the Flipper Zero pentesting tool, is asking the community to help build Flipper One, an open Linux platform for connected devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/hardware/flipper-one-project-needs-community-help-to-build-open-linux-platform/
-
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a case of improper privilege management that could permit an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default installations of several major…
-
Nine-Year-Old Kernel Flaw Puts Linux SSH Private Keys at Risk
A newly disclosed Linux kernel vulnerability, tracked as CVE-2026-46333, poses a serious risk to SSH private keys and other sensitive credentials. The flaw, present in the kernel since 2016, allows a local attacker to escalate from a basic shell account to full root access on many popular Linux distributions. Nine-Year-Old Kernel Flaw The issue lies…

