Linux

Fedora Hummingbird brings the container security model to a Linux host OS

Fedora Hummingbird brings the container security model to a Linux host OS 2026-05-13 at 02:05 By Anamarija Pogorelec Container image security pipelines have spent the past several years pushing toward minimal footprints, hermetic builds, and continuous CVE remediation. The Fedora Project is now applying that same approach to the host operating system. At Red Hat […]

Fedora Hummingbird brings the container security model to a Linux host OS Read More »

Linux developers weigh emergency “killswitch” for vulnerable kernel functions

Linux developers weigh emergency “killswitch” for vulnerable kernel functions 2026-05-11 at 16:48 By Zeljka Zorz Linux kernel developers are reviewing a proposal for an emergency risk mitigation mechanism (“Killswitch”) that would allow administrators to disable vulnerable kernel functions at runtime. The proposal, submitted by Linux kernel developer/maintainer Sasha Levin, arrives in the wake of the

Linux developers weigh emergency “killswitch” for vulnerable kernel functions Read More »

New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks

New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks 2026-05-11 at 11:27 By Eduard Kovacs Also called Copy Fail 2 and tracked as CVE-2026-43284 and CVE-2026-43500, the exploit was disclosed before a patch was released. The post New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt

New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks Read More »

Rustinel: Open-source endpoint detection for Windows and Linux

Rustinel: Open-source endpoint detection for Windows and Linux 2026-05-11 at 08:51 By Mirko Zorz Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed environments have had to stitch together separate pipelines, separate rule sets, and separate maintenance burdens. Rustinel, a

Rustinel: Open-source endpoint detection for Windows and Linux Read More »

Dirty Frag: Unpatched Linux vulnerability delivers root access

Dirty Frag: Unpatched Linux vulnerability delivers root access 2026-05-08 at 18:03 By Zeljka Zorz A week after Copy Fail, another Linux local privilege escalation vulnerability dubbed “Dirty Frag” has been revealed, along with a PoC exploit. What is Dirty Frag In effect, Dirty Frag refers to two flaws: A xfrm-ESP Page-Cache Write vulnerability (CVE-2026-43284, aka

Dirty Frag: Unpatched Linux vulnerability delivers root access Read More »

Exploitation of ‘Copy Fail’ Linux Vulnerability Begins

Exploitation of ‘Copy Fail’ Linux Vulnerability Begins 2026-05-04 at 14:30 By Ionut Arghire CISA has added the bug to its KEV list, and Microsoft has observed limited exploitation, mainly associated with PoC testing. The post Exploitation of ‘Copy Fail’ Linux Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Exploitation of ‘Copy Fail’ Linux Vulnerability Begins Read More »

Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs

Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs 2026-04-30 at 15:31 By Anamarija Pogorelec Proxmox Backup Server 4.2 is a maintenance and feature update built on Debian 13.4 “Trixie” that adds S3-compatible object storage as a supported backend and introduces parallel processing for sync jobs. The server ships the new

Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs Read More »

Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)

Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431) 2026-04-30 at 15:31 By Zeljka Zorz Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel. The flaw, nicknamed “Copy Fail”, has affected virtually every major Linux distribution shipped since 2017, and a working proof-of-concept (PoC) exploit

Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431) Read More »

‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover

‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover 2026-04-30 at 13:56 By Ionut Arghire Affecting the kernel’s authencesn cryptographic template, the vulnerability was introduced in 2017 and impacts all distributions. The post ‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover Read More »

Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access

Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access 2026-04-27 at 13:18 By Ionut Arghire A race condition in PackageKit allows unprivileged users to escalate privileges when installing packages. The post Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access Read More »

25 open-source cybersecurity tools that don’t care about your budget

25 open-source cybersecurity tools that don’t care about your budget 2026-04-27 at 10:30 By Anamarija Pogorelec Regardless of the operating system you use, managing secrets, apps, cloud, compliance, and security operations can be overwhelming. The free, open-source tools presented in this article can help you detect threats, increase visibility, enforce controls, and investigate and respond

25 open-source cybersecurity tools that don’t care about your budget Read More »

Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers

Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers 2026-04-24 at 11:27 By Mirko Zorz Linux distributions have spent the past few years absorbing GPU vendor toolchains, Rust-based system components, and more stringent encryption defaults. Ubuntu 26.04 LTS, codenamed Resolute Raccoon, pulls most of those threads together into a single release

Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers Read More »

Raspberry Pi OS 6.2 disables passwordless sudo by default

Raspberry Pi OS 6.2 disables passwordless sudo by default 2026-04-15 at 14:29 By Anamarija Pogorelec Raspberry Pi OS 6.2, based on the Trixie version, introduces small changes, bug fixes, and disables passwordless sudo by default for new installations. Screenshot of password prompt (Source: Raspberry Pi) “We continually review the security of Raspberry Pi OS to

Raspberry Pi OS 6.2 disables passwordless sudo by default Read More »

What changed in nginx 1.30.0 and what it means for your upstream config

What changed in nginx 1.30.0 and what it means for your upstream config 2026-04-15 at 14:29 By Anamarija Pogorelec nginx 1.30.0 brings together features accumulated across the 1.29.x mainline series. The release covers a broad range of changes, from protocol support additions to security-relevant fixes and new configuration options. Keepalive to upstreams is now on

What changed in nginx 1.30.0 and what it means for your upstream config Read More »

The fully free Linux OS Trisquel gets a major update with version 12.0 Ecne

The fully free Linux OS Trisquel gets a major update with version 12.0 Ecne 2026-04-13 at 02:01 By Anamarija Pogorelec Trisquel GNU/Linux, a free operating system aimed at home users, small enterprises, and educational centers, released version 12.0. The release, codenamed Ecne, is declared production-ready and builds on the previous version, Aramo, with changes to

The fully free Linux OS Trisquel gets a major update with version 12.0 Ecne Read More »

Little Snitch for Linux shows what your apps are connecting to

Little Snitch for Linux shows what your apps are connecting to 2026-04-10 at 11:48 By Mirko Zorz Network monitoring on Linux has long been a gap for users who want per-process visibility into outbound connections. Existing tools either operate at the command line or were designed for server security rather than desktop privacy. Objective Development,

Little Snitch for Linux shows what your apps are connecting to Read More »

Chaos malware expands from routers to Linux cloud servers

Chaos malware expands from routers to Linux cloud servers 2026-04-08 at 12:47 By Mirko Zorz Chaos, Go-based malware first documented by Lumen’s Black Lotus Labs, has historically targeted routers and edge devices. A new variant observed in March 2026 shows the malware operating against misconfigured Linux cloud servers, a category of infrastructure the botnet had

Chaos malware expands from routers to Linux cloud servers Read More »

Flatpak 1.16.4 fixes sandbox escape and three other security flaws

Flatpak 1.16.4 fixes sandbox escape and three other security flaws 2026-04-08 at 12:16 By Anamarija Pogorelec Flatpak, a Linux application sandboxing and distribution framework, released version 1.16.4, patching four security vulnerabilities. The most severe fix addresses a complete sandbox escape that leads to host file access and code execution in the host context, tracked as

Flatpak 1.16.4 fixes sandbox escape and three other security flaws Read More »

SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools

SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools 2026-03-30 at 10:37 By Anamarija Pogorelec Bootable Linux recovery environments occupy a specific niche in the systems administration and incident response toolkit. SystemRescue, an Arch-based live distribution built for repairing unbootable systems and recovering data from damaged drives, has shipped version 13.00

SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools Read More »

TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware

TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware 2026-03-27 at 15:46 By Zeljka Zorz TeamPCP continues is supply chain compromise rampage, with telnyx on PyPI being the latest maliciously modified package. What happened? Telnyx is a widely used software development kit (SDK) for the Telnyx AI Voice Agent service. According to Endor Labs researchers,

TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware Read More »

Scroll to Top