Malware & Threats Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation The CVE-2024-54143 vulnerability affects the OpenWrt sysupgrade server and exposes users to risks of installing malicious firmware images. Ryan NaraineDecember 9, 2024
Malware & Threats Stealthy ‘Perfctl’ Malware Infects Thousands of Linux Servers The perfctl malware has been targeting vulnerabilities and misconfigurations in millions of Linux systems, likely infecting thousands. Ionut ArghireOctober 7, 2024
Vulnerabilities Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected A researcher has disclosed the details of an unpatched vulnerability that was expected to pose a serious threat to many Linux systems. Eduard KovacsSeptember 27, 2024
Vulnerabilities New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous A new Linux kernel exploitation technique named SLUBStick makes heap vulnerabilities more dangerous. Eduard KovacsAugust 5, 2024
Vulnerabilities CISA Warns of Exploited Linux Kernel Vulnerability CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation. Ionut ArghireMay 31, 2024
Malware & Threats ‘WallEscape’ Linux Vulnerability Leaks User Passwords A vulnerability in util-linux, a core utilities package in Linux systems, allows attackers to leak user passwords and modify the clipboard. Ionut ArghireApril 1, 2024
Vulnerabilities Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability A critical remote code execution vulnerability in Shim could allow attackers to take over vulnerable Linux systems. Ionut ArghireFebruary 7, 2024
Security Architecture GNU C Library Vulnerability Leads to Full Root Access Researchers at Qualys call attention to a vulnerability in Linux’s GNU C Library (glibc) that allows full root access to a system. Ionut ArghireJanuary 31, 2024
Cloud Security ‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks Glibc vulnerability affecting major Linux distributions and tracked as Looney Tunables exploited in cloud attacks by Kinsing group. Eduard KovacsNovember 6, 2023
Vulnerabilities One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems A one-click exploit targeting the Libcue component of the GNOME desktop environment could pose a serious threat to Linux systems. Eduard KovacsOctober 10, 2023
Vulnerabilities Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions A local privilege escalation vulnerability (CVE-2023-4911) in the GNU C Library (glibc) can be exploited to gain full root privileges. Ionut ArghireOctober 4, 2023
Vulnerabilities StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs A new Linux kernel vulnerability tracked as StackRot and CVE-2023-3269 shows the exploitability of use-after-free-by-RCU (UAFBR) bugs. Eduard KovacsJuly 6, 2023