Collecting Cyber-News from over 60 sources

Tag: linux

France to ditch Windows for Linux to reduce reliance on US tech

Apr 10, 2026 5:52 PM

Tags: linux, windows

France’s move to ditch Windows for Linux is its latest effort to reduce its reliance on American tech giants. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/10/france-to-ditch-windows-for-linux-to-reduce-reliance-on-us-tech/
Little Snitch for Linux shows what your apps are connecting to

Apr 10, 2026 11:53 AM

Tags: linux, monitoring, network, tool

Network monitoring on Linux has long been a gap for users who want per-process visibility into outbound connections. Existing tools either operate at the command line or were … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/10/little-snitch-for-linux-privacy/
Little Snitch for Linux shows what your apps are connecting to

Apr 10, 2026 11:53 AM

Tags: linux, monitoring, network, tool

Network monitoring on Linux has long been a gap for users who want per-process visibility into outbound connections. Existing tools either operate at the command line or were … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/10/little-snitch-for-linux-privacy/
What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure

Apr 10, 2026 1:52 AM

Tags: access, advisory, ai, attack, authentication, automation, backup, cctv, chatgpt, cisa, communications, compliance, control, credentials, crypto, cve, cyber, cybersecurity, data, data-breach, defense, detection, dns, email, exploit, finance, firewall, flaw, government, group, healthcare, infrastructure, intelligence, international, Internet, iot, iran, kev, leak, linux, malicious, malware, mitigation, mitre, monitoring, network, office, openai, password, radius, resilience, risk, router, service, siem, software, strategy, switch, technology, threat, tool, update, vpn, vulnerability, vulnerability-management

An Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical infrastructure sectors. Key takeaways: CyberAv3ngers is a state-directed threat group operating under Iran’s IRGC Cyber-Electronic Command. The U.S. Treasury sanctioned six named officials in February 2024 and the State Department…
Linux Foundation Leader Impersonated in Slack Attack on Open Source Developers

Apr 9, 2026 10:51 AM

Tags: advisory, attack, cyber, intelligence, linux, open-source, social-engineering, threat

A social engineering campaign is actively targeting open source developers through Slack. The warning was shared through the OpenSSF Siren mailing list, a public threat intelligence platform designed to alert developers and security teams about active threats after initial disclosure. The advisory was authored by Christopher “CRob” Robinson, CTO and Chief Security Architect at OpenSSF.…
Critical Chrome Flaws Let Attackers Execute Arbitrary Code

Apr 9, 2026 9:52 AM

Tags: browser, chrome, control, cyber, flaw, google, linux, update, windows

Google has released an urgent security update for its Chrome browser, resolving multiple dangerous vulnerabilities. The Chrome team promoted version 147 to the stable channel for Windows, Mac, and Linux users on April 7, 2026. This major release patches flaws that could allow attackers to execute arbitrary code and take full control of affected systems.…
Chaos malware expands from routers to Linux cloud servers

Apr 8, 2026 12:52 PM

Tags: cloud, linux, malware, router

Chaos, Go-based malware first documented by Lumen’s Black Lotus Labs, has historically targeted routers and edge devices. A new variant observed in March 2026 shows the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/08/chaos-malware-cloud-misconfigured-servers/
Flatpak 1.16.4 fixes sandbox escape and three other security flaws

Apr 8, 2026 11:50 AM

Tags: flaw, framework, linux, update

Flatpak, a Linux application sandboxing and distribution framework, released version 1.16.4, patching four security vulnerabilities. The most severe fix addresses a complete … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/08/flatpak-1-16-4-released-fixes-sandbox-escape/
Patch to end i486 support hits Linux kernel merge queue

Apr 8, 2026 5:52 AM

Tags: linux, update

After a year of patchwork, maintainers look ready to start retiring 486-class CPUs First seen on theregister.com Jump to article: www.theregister.com/2026/04/06/patch_to_end_i486_support/
CUPS Vulnerabilities Could Allow Remote Attackers to Achieve Root-Level Code Execution

Apr 7, 2026 3:52 PM

Tags: access, ai, cyber, flaw, linux, remote-code-execution, vulnerability

A team of AI-driven vulnerability hunting agents directed by security researcher Asim Viladi Oglu Manizada has discovered two critical security flaws in CUPS, the standard printing system for Linux and Unix-like operating systems. When chained together, these vulnerabilities allow an unauthenticated remote attacker to gain unprivileged remote code execution and eventually escalate their access to…
BPFDoor Variants Hide with Stateless C2 and ICMP Relay Tactics

Apr 7, 2026 3:52 PM

Tags: backdoor, cyber, linux, tactics

Seven new BPFDoor variants that push Linux backdoor tradecraft deep into the kernel, making them harder to spot in large telecom networks. These implants use Berkeley Packet Filters (BPF) to quietly inspect traffic inside the operating system kernel, waiting for a “magic packet” that activates a hidden shell. Once triggered, the backdoor blends into normal…
Supply chain security is now a board-level issue: Here’s what CSOs need to know

Apr 7, 2026 12:51 PM

Tags: access, android, attack, automation, best-practice, compliance, cybersecurity, edr, encryption, firewall, firmware, flaw, infrastructure, linux, mitigation, regulation, risk, sbom, software, supply-chain, switch, threat, tool, update, vulnerability, windows, zero-day

The hidden complexity that drowns security teams: SBOMs are no longer used solely to track software licensing; they are key to managing supply chain security as they enable the identification and tracking of vulnerabilities across ecosystems.Finding a problem is just the start, you need to determine if the vulnerability affects your implementation. For example, if…
Druckersystem: Cups-Lücken gefährden zahlreiche Linux-Systeme

Apr 7, 2026 12:51 PM

Tags: access, ai, linux

Ein Forscher hat KI-Agenten auf das Druckersystem Cups angesetzt. Zwei entdeckte Sicherheitslücken verleihen Angreifern Root-Zugriff aus der Ferne. First seen on golem.de Jump to article: www.golem.de/news/von-ki-agenten-entdeckt-print-server-luecken-gefaehrden-zahlreiche-linux-systeme-2604-207281.html
Von KI-Agenten entdeckt: Print-Server-Lücken gefährden zahlreiche Linux-Systeme

Apr 7, 2026 11:50 AM

Tags: access, ai, linux

Ein Forscher hat seine KI-Agenten auf das Druckersystem Cups angesetzt. Zwei entdeckte Lücken verleihen Angreifern Root-Zugriff aus der Ferne. First seen on golem.de Jump to article: www.golem.de/news/von-ki-agenten-entdeckt-print-server-luecken-gefaehrden-zahlreiche-linux-systeme-2604-207281.html
AI agents found vulns in this popular Linux and Unix print server

Apr 7, 2026 1:51 AM

Tags: access, ai, linux, remote-code-execution

CUPS server shown spilling out remote code execution and root access First seen on theregister.com Jump to article: www.theregister.com/2026/04/06/ai_agents_cups_server_rce/
Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Apr 6, 2026 4:51 PM

Tags: attack, cyberattack, endpoint, infrastructure, linux, mobile, risk, soc, windows

Your attack surface no longer lives on one operating system, and neither do the campaigns targeting it. In enterprise environments, attackers move across Windows endpoints, executive MacBooks, Linux infrastructure, and mobile devices, taking advantage of the fact that many SOC workflows are still fragmented by platform. For security leaders, this creates a First seen on…
Poisoned Axios Package Spreads Cross-Platform Malware via Phantom Dependency

Apr 6, 2026 10:51 AM

Tags: access, cyber, hacker, linux, macOS, malicious, malware, windows

Hackers hijacked the npm account of Axios’s lead maintainer. They used it to push two malicious releases that silently installed a cross”‘platform remote access trojan (RAT) on macOS, Windows, and Linux systems. Axios is one of the JavaScript ecosystem’s most widely used HTTP clients, with over 100 million weekly downloads on npm, making it deeply…
Supply Chain Attacks Surge in March 2026

Apr 4, 2026 5:53 AM

Tags: access, ai, api, attack, authentication, awareness, cloud, container, control, corporate, credentials, crypto, data-breach, github, group, hacking, identity, infrastructure, Internet, kubernetes, least-privilege, linux, LLM, macOS, malicious, malware, mfa, network, north-korea, open-source, openai, phishing, pypi, software, startup, supply-chain, threat, tool, update, vulnerability, windows

IntroductionThere was a significant increase in software supply chain attacks in March 2026. There were five major software supply-chain attacks that occurred including the Axios NPM package compromise, which has been attributed to a North Korean threat actor. In addition, a hacking group known as TeamPCP was able to compromise Trivy (a vulnerability scanner), KICS…
Cisco fixes critical IMC auth bypass present in many products

Apr 3, 2026 11:52 PM

Tags: access, ai, api, apt, attack, authentication, cisco, computing, credentials, cybersecurity, dns, email, exploit, firewall, firmware, flaw, group, infrastructure, linux, malicious, monitoring, network, password, ransomware, risk, router, vulnerability, zero-day

[ Related: More Cisco news and insights ] The Cisco IMC is a baseboard management controller (BMC), a dedicated controller embedded into server motherboards with its own RAM and network interface that gives administrators monitoring and management capabilities as if they were physically connected to the server with a keyboard, monitor, and mouse (KVM). Because BMCs run…
5 essential steps to bulletproof your endpoint security (and avoid the biggest mistakes)

Apr 3, 2026 10:52 PM

Tags: ai, antivirus, attack, automation, backup, business, control, data, defense, detection, edr, endpoint, exploit, identity, linux, macOS, malware, metric, monitoring, ransomware, resilience, risk, soc, strategy, threat, tool, unauthorized, update, vulnerability, windows, zero-day

Inventory all devices continuously. Go beyond manual tracking. Automated discovery tools can identify each device, from remote laptops to IoT assets, as soon as they join your network. Mitigate shadow IT risk. Unmanaged devices are a favorite entry point for attackers. Every asset must be accounted for and brought under management. No exceptions. Learn more about automating discovery and reducing blind spots in your endpoint management strategy…
5 essential steps to bulletproof your endpoint security (and avoid the biggest mistakes)

Apr 3, 2026 10:52 PM

Tags: ai, antivirus, attack, automation, backup, business, control, data, defense, detection, edr, endpoint, exploit, identity, linux, macOS, malware, metric, monitoring, ransomware, resilience, risk, soc, strategy, threat, tool, unauthorized, update, vulnerability, windows, zero-day

Inventory all devices continuously. Go beyond manual tracking. Automated discovery tools can identify each device, from remote laptops to IoT assets, as soon as they join your network. Mitigate shadow IT risk. Unmanaged devices are a favorite entry point for attackers. Every asset must be accounted for and brought under management. No exceptions. Learn more about automating discovery and reducing blind spots in your endpoint management strategy…
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Apr 3, 2026 7:51 PM

Tags: control, linux, microsoft, remote-code-execution, threat

Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team.”Instead of exposing command execution through URL parameters or request bodies, these web shells rely on threat actor-supplied cookie values to gate…
When Your Own Eyes Turn Against You: How Compromised Security Cameras and IoT/OT Devices Become Tools for Your Attackers

Apr 3, 2026 1:51 AM

Tags: access, advisory, attack, botnet, cctv, china, cloud, control, corporate, credentials, cyber, cyberattack, cybersecurity, dark-web, data, data-breach, defense, detection, endpoint, espionage, exploit, finance, firmware, flaw, government, group, hacking, healthcare, infrastructure, intelligence, international, Internet, iot, iran, law, linux, malware, network, office, privacy, ransomware, resilience, risk, russia, service, supply-chain, technology, threat, tool, ukraine, unauthorized, update, vpn, vulnerability, warfare, windows, zero-day, zero-trust

TL;DR Security cameras, IoT, and OT devices that are meant to protect us, are easily compromised and turned against defenders, enabling nation-state reconnaissance (Iranian hacks on Hikvision/Dahua cameras during strikes, Russian webcam abuse in Ukraine), espionage via exposed live feeds, ransomware pivots (Akira group bypassing EDR), massive botnets (Mirai/Eleven11bot), and physical disruption. Structural weaknesses like…
We know what day it is but these Raspberry Pi price hikes are no joke

Apr 3, 2026 1:51 AM

Tags: computer, Hardware, linux

Hot DRAM! Who is going to drop nearly $400 on an underpowered Linux computer? First seen on theregister.com Jump to article: www.theregister.com/2026/04/01/raspberry_pi_price_hikes/
Google Warns of New Chrome Zero-Day Under Active Exploitation Users Urged to Update Immediately

Apr 1, 2026 3:30 PM

Tags: browser, chrome, cyber, exploit, flaw, google, linux, threat, update, vulnerability, windows, zero-day

Google has released an urgent security update for its Chrome desktop browser to address 21 vulnerabilities, including a critical zero-day flaw that is actively being exploited in the wild. Users are strongly urged to update their browsers immediately to version 146.0.7680.177/.178 for Windows and Mac, or 146.0.7680.177 for Linux . Active Zero-Day Threat The most…
ImageMagick Zero-Day Enables RCE on Linux and WordPress Servers

Apr 1, 2026 1:29 PM

Tags: linux, network, rce, remote-code-execution, vulnerability, wordpress, zero-day

New research from Octagon Networks reveals a critical zero-day ImageMagick vulnerability that allows Remote Code Execution (RCE) via simple image uploads affecting Ubuntu, Amazon Linux, and WordPress. This magic byte shift bypasses even the most secure policies. First seen on hackread.com Jump to article: hackread.com/imagemagick-zero-day-rce-linux-wordpress-servers/
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems

Apr 1, 2026 10:34 AM

Tags: attack, backdoor, breach, cyber, hacker, linux, macOS, north-korea, software, supply-chain, threat, windows

A North Koreanexus threat actor has hijacked the popular Axios NPM package in a high”‘impact software supply chain attack that can silently backdoor Windows, macOS, and Linux systems. Between March 31, 2026, 00:21 and 03:20 UTC, attackers used a compromised maintainer account to push backdoored Axios releases 1.14.1 and 0.30.4 to NPM. The attackers changed…
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems

Apr 1, 2026 10:34 AM

Tags: attack, backdoor, breach, cyber, hacker, linux, macOS, north-korea, software, supply-chain, threat, windows

A North Koreanexus threat actor has hijacked the popular Axios NPM package in a high”‘impact software supply chain attack that can silently backdoor Windows, macOS, and Linux systems. Between March 31, 2026, 00:21 and 03:20 UTC, attackers used a compromised maintainer account to push backdoored Axios releases 1.14.1 and 0.30.4 to NPM. The attackers changed…
PyPI Telnyx Python SDK Backdoored to Steal Credentials on Windows, macOS, and Linux

Apr 1, 2026 9:30 AM

Tags: backdoor, credentials, cyber, linux, macOS, pypi, windows

Telnyx Python SDK on PyPI, using a multi”‘stage WAV steganography payload to steal credentials across Windows, macOS, and Linux systems. The backdoor lives in telnyx/_client.py and is triggered at module scope, so simply importing telnyx is enough to execute the payload before any application code runs. The rogue releases remained available for roughly 6.5 hours before PyPI quarantined them…
Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

Mar 31, 2026 11:31 PM

Tags: ai, attack, breach, cloud, control, credentials, crypto, github, incident response, linux, LLM, macOS, malicious, malware, monitoring, open-source, openai, powershell, pypi, rat, spam, supply-chain, tool, windows

postinstall hook that would execute a dropper script when it was pulled in by a different package as a dependency.Shortly after midnight UTC on March 31 a new version of the Axios package, axios@1.14.1, was published on npm followed by axios@0.30.4 39 minutes later. Both listed plain-crypto-js@4.2.1 as a dependency in their package.json files, but…