Tag: linux
-
Linux ‘Copy Fail’ Flaw Delivers Root-Level Access to Distros
AI-Assisted Offensive Security Researcher Discovered Flaw After 1 Hour of Scanning. Patch all Linux kernels issued from 2017 onwards to fix a serious vulnerability in the kernel’s cryptography API that can be easily exploited by a local, unprivileged user to gain root-level access. The major flaw is the latest to be found by an AI-assisted…
-
New Linux ‘Copy Fail’ flaw gives hackers root on major distros
An exploit has been published for a local privilege escalation vulnerability dubbed “Copy Fail” that impacts Linux kernels released since 2017, allowing an unprivileged local attacker to gain root permissions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-linux-copy-fail-flaw-gives-hackers-root-on-major-distros/
-
New Linux ‘Copy Fail’ flaw gives hackers root on major distros
An exploit has been published for a local privilege escalation vulnerability dubbed “Copy Fail” that impacts Linux kernels released since 2017, allowing an unprivileged local attacker to gain root permissions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-linux-copy-fail-flaw-gives-hackers-root-on-major-distros/
-
Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)
Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel. The flaw, nicknamed … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/30/copyfail-linux-lpe-vulnerability-cve-2026-31431/
-
New Linux ‘Copy Fail’ Vulnerability Enables Root Access on Major Distributions
Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root.The high-severity vulnerability tracked as CVE-2026-31431 (CVSS score: 7.8) has been codenamed Copy Fail by Xint.io and Theori.”An unprivileged local user can write four controlled bytes into the page cache of any readable…
-
9-Year-Old Linux Kernel Vulnerability “Copy Fail” Enables Full Root Access
Linux Kernel Vulnerability “Copy Fail” lets attackers gain root access via memory flaw. Patch now or disable algif_aead to stay secure. First seen on hackread.com Jump to article: hackread.com/linux-kernel-vulnerability-copy-fail-full-root-access/
-
Seit 2017 ausnutzbar: Gefährliche Root-Lücke im Linux-Kernel entdeckt
Ein kleines Skript mit einer Größe von nur 732 Bytes reicht aus, um unter Linux Root-Rechte zu erlangen. Der Exploit liegt bereits auf Github. First seen on golem.de Jump to article: www.golem.de/news/seit-2017-ausnutzbar-gefaehrliche-root-luecke-im-linux-kernel-entdeckt-2604-208181.html
-
Seit 2017 ausnutzbar: Gefährliche Root-Lücke im Linux-Kernel entdeckt
Ein kleines Skript mit einer Größe von nur 732 Bytes reicht aus, um unter Linux Root-Rechte zu erlangen. Der Exploit liegt bereits auf Github. First seen on golem.de Jump to article: www.golem.de/news/seit-2017-ausnutzbar-gefaehrliche-root-luecke-im-linux-kernel-entdeckt-2604-208181.html
-
EUVD-2026-24742 / CVE-2026-41651 – Telekom entdeckt 12 Jahre alte Linux-Root-Schwachstelle
First seen on security-insider.de Jump to article: www.security-insider.de/pack2theroot-root-exploit-packagekit-cve-2026-41651-a-fe528109a86253ae2b0a7c51fe970808/
-
Linux Kernel 0-Day “Copy Fail” Grants Root Access Across Major Distros Since 2017
Security researchers have disclosed a critical zero-day vulnerability in the Linux kernel dubbed >>Copy Fail<< (CVE-2026-31431), which allows unprivileged local users to gain root access. Using a tiny 732-byte Python script, attackers can exploit a logic flaw present in major Linux distributions released since 2017. Copy Fail is a local privilege escalation (LPE) vulnerability found…
-
Linux cryptographic code flaw offers fast route to root
Patches land for authencesn flaw enabling local privilege escalation First seen on theregister.com Jump to article: www.theregister.com/2026/04/30/linux_cryptographic_code_flaw/
-
Packagekit: Forscher entdecken mit Claude Opus 12 Jahre alte gefährliche Root-Lücke in Linux
Tags: linuxFirst seen on t3n.de Jump to article: t3n.de/news/claude-ki-root-luecke-linux-1739928/
-
VECT 2.0 Ransomware Wipes Large Files Across Windows, Linux ESXi
The “new” VECT 2.0 ransomware is essentially a cross”‘platform data wiper that permanently destroys most enterprise files rather than encrypting them for recovery. For any file larger than 131,072 bytes (128 KB), VECT processes four separate chunks using four different randomly generated ChaCha20″‘IETF nonces, but only writes the last nonce to disk at the end…
-
Fedora Linux 44 ships with GNOME 50 and KDE Plasma 6.6
Tags: linuxThe Fedora Project released Fedora Linux 44, delivering updated desktop environments, revised installer behavior, and several lower-level system changes across its editions … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/29/fedora-linux-44-released/
-
Vect 2.0 RaaS Expands Attacks Across Windows, Linux, and ESXi
Vect 2.0 Ransomware”‘as”‘a”‘Service (RaaS) operation is rapidly evolving into a multi”‘platform threat that can encrypt Windows, Linux, and VMware ESXi environments across modern hybrid infrastructures. The group runs a classic affiliate model, renting out its ransomware and TOR”‘based infrastructure to partners in exchange for a share of ransom payments. Its operators are strongly suspected to be…
-
Pack2TheRoot: 12-Year-Old Linux PackageKit Flaw Enables Full Compromise
Security experts have found a high-severity flaw named Pack2TheRoot in PackageKit that allows hackers to gain full root access on multiple Linux distributions. First seen on hackread.com Jump to article: hackread.com/pack2theroot-linux-packagekit-flaw-full-compromise/
-
VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encryption implementation across Windows, Linux, and ESXi variants that renders recovery impossible even for the threat actors.The fact that VECT’s locker permanently destroys large files rather than encrypting…
-
New Linux FIRESTARTER Backdoor Targets Cisco Firepower Devices
CISA and NCSC warn that FIRESTARTER, a Linux-based backdoor, targets Cisco Firepower devices, evades patches, and enables persistent access even after firmware updates. First seen on hackread.com Jump to article: hackread.com/linux-firestarter-backdoor-cisco-firepower-devices/
-
SUSE’s sovereignty pitch meets an inconvenient $6 billion question
Tags: linuxLinux vendor touts European independence at SUSECON as majority stakeholder quietly explores its options First seen on theregister.com Jump to article: www.theregister.com/2026/04/28/sovereignty_its_all_about_the/
-
Linux storage management tool Stratis 3.9.0 adds online encryption and cache-less pool startup
Stratis is a tool for configuring pools and filesystems with enhanced storage functionality within the existing Linux storage management stack. It focuses on a command-line … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/28/stratis-3-9-0-linux-storage-management-tool-stratis-3-9-0-adds-encryption-cache-features/
-
Open-source privacy tool BleachBit 6.0.0 upgrades code signing across Windows and Linux
System cleaning utilities have grown more relevant as web browsers stockpile larger volumes of cached data, tracking artifacts, and site storage on local disks. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/28/bleachbit-6-0-0-open-source-privacy-tool/
-
Open-source privacy tool BleachBit 6.0.0 upgrades code signing across Windows and Linux
System cleaning utilities have grown more relevant as web browsers stockpile larger volumes of cached data, tracking artifacts, and site storage on local disks. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/28/bleachbit-6-0-0-open-source-privacy-tool/
-
Linux ELF Malware Generator Evades ML Detection With Semantic-Preserving Changes
As Linux continues to dominate high-performance computing, cloud services, and Internet of Things (IoT) devices, it has become a prime target for cybercriminals. However, while much research has focused on manipulating Windows executables to bypass security, the Linux Executable and Linkable Format (ELF) has largely been ignored. To address this gap, researchers at the Czech…
-
Introducing Proactive Hardening and Attack Surface Reduction (PHASR) for Linux and macOS
<div cla As Linux dominates cloud-native infrastructure and macOS becomes the standard for high-value targets in development and executive leadership, the attack surface is no longer Windows-centric. Modern attack playbooks weaponize Living off the Land (LOTL) binariespre-installed, legitimate system toolsto blend malicious activity with normal operations and bypass standard detection telemetry. First seen on securityboulevard.com…
-
12-year-old Pack2TheRoot bug lets Linux users gain root privileges
‘Pack2TheRoot’ flaw lets local Linux users gain root via PackageKit. CVE-2026-41651 (8.8) has existed for nearly 12 years. The Pack2TheRoot flaw, tracked as CVE-2026-41651, lets unprivileged users install or remove system packages without authorization, potentially gaining full root access. The vulnerability is rated high severity, CVSS score of 8.8, and has existed for nearly 12…
-
New ‘Pack2TheRoot’ flaw gives hackers root Linux access
A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or remove system packages and gain root permissions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-pack2theroot-flaw-gives-hackers-root-linux-access/
-
More ancient Linux device support faces the chop
One way to deal with bug hunting LLMs: ditch the old drivers First seen on theregister.com Jump to article: www.theregister.com/2026/04/24/ancient_linux_drivers_going/
-
Fast 12 Jahre unentdeckt: Telekom deckt gefährliche Root-Lücke in Linux auf
Sicherheitsforscher der Telekom haben Claude auf Linux-Systeme losgelassen. Die KI hat eine seit 2014 bestehende Root-Lücke in Packagekit gefunden. First seen on golem.de Jump to article: www.golem.de/news/fast-12-jahre-unentdeckt-telekom-deckt-gefaehrliche-root-luecke-in-linux-auf-2604-207963.html
-
Fast 12 Jahre unentdeckt: Telekom deckt gefährliche Root-Lücke in Linux auf
Sicherheitsforscher der Telekom haben Claude auf Linux-Systeme losgelassen. Die KI hat eine seit 2014 bestehende Root-Lücke in Packagekit gefunden. First seen on golem.de Jump to article: www.golem.de/news/fast-12-jahre-unentdeckt-telekom-deckt-gefaehrliche-root-luecke-in-linux-auf-2604-207963.html
-
Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers
Linux distributions have spent the past few years absorbing GPU vendor toolchains, Rust-based system components, and more stringent encryption defaults. Ubuntu 26.04 LTS, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/ubuntu-26-04-lts-resolute-raccoon-released/