Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential…
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux…
One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public
Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that lets an unprivileged local user…
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The…
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local…
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local…
Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise
A previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers' systems to establish a silent foothold as…
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel. Dubbed Dirty Frag, it…
New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user…
FIRESTARTER: Cisco ASA Backdoor
The Advisory That Changes EverythingOn April 23, 2026, CISA and the United Kingdom National Cyber Security Centre jointly assessed that…
Researchers Identify Fast16 Sabotage Malware That Pre-Dates Stuxnet
Security researchers have identified malware dating back to 2005 that appears to have been designed to disrupt Iran’s nuclear program…
Python Vulnerability Allows Out-of-Bounds Write on Windows Systems
A security vulnerability has been discovered in Python’s Windows asyncio implementation, allowing attackers to trigger out-of-bounds…
Hackers Can Exploit Ollama Model Uploads to Leak Sensitive Server Data
A critical, unpatched vulnerability has been discovered in Ollama, a widely used open-source platform for running Large Language Models…
Harvester APT Expands Spying Operations with New GoGra Linux Malware
A nation-state-backed Advanced Persistent Threat (APT) group identified as Harvester has, reportedly, developed a new, malicious backdoor…
Compromised axios npm package delivers cross-platform RAT
Key points and observations On March 31, 2026, an attacker hijacked an axios npm maintainer account and published two malicious releases:…
Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation
Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel's AppArmor module that could be exploited…
SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits
Cybersecurity researchers have disclosed details of a new botnet operation called SSHStalker that relies on the Internet Relay Chat (IRC)…
Web Traffic Hijacking: When Your Nginx Configuration Turns Malicious
Datadog Security Research has identified an active web traffic hijacking campaign that targets NGINX installations and management panels like…
OpenSSL January 2026 Security Update: CMS and PKCS#12 Buffer Overflows
Today, on January 27th, 2026, the OpenSSL project published details on vulnerabilities affecting the OpenSSL Software Library. Impacted…
Introducing IDE-SHEPHERD: Your shield against threat actors lurking in your IDE
In recent years, Integrated Development Environments (IDEs) have become a pivotal component in modern software development, providing…
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in "Zero Disco' Attacks
Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS…
Critical Samba RCE Vulnerability Enables Arbitrary Code Execution
Samba has disclosed a severe remote code execution (RCE) flaw that could allow attackers to hijack Active Directory domain controllers.…
Broadcom Shifts VMware Workstation/Fusion to Year-Based Versioning with New 25H2 Release
Broadcom has recently announced a change to the versioning system of its virtualization software, VMware Workstation Pro and Fusion Pro.…
Patch Tuesday, October 2025 ‘End of 10’ Edition
Microsoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least two…
CVE Deep Dive : CVE-2025–32463
Sudo “Chroot to Root” — Critical Library Loading Privilege EscalationPublished : Sept 23, 2025 | by : OptPress enter or…
Hackers Target ScreenConnect Features For Network Intrusions
A rise in cyber-attacks exploiting remote monitoring and management (RMM) tools for initial access via phishing has been observed by…
Pro-Russia Hacktivists “Claim” Attack on Water Utility Honeypot
A Russia-aligned hacktivist gang has been tricked into targeting a honeypot disguised as a water treatment utility, cybersecurity company…
DFIR Tool Hijacked: Ransomware Group Storm-2603 Abuses Velociraptor for Stealthy LockBit/Babuk Attacks
Cisco Talos has confirmed that ransomware operators are now abusing Velociraptor, an open-source digital forensics and incident response…
Crafting a Full Exploit RCE from a Crash in Autodesk Revit RFA File Parsing
In April of 2025, my colleague Mat Powell was hunting for vulnerabilities in Autodesk Revit 2025. While fuzzing RFA files, he found the…
Critical AWS ClientVPN for macOS Vulnerability Let Attackers Escalate Privileges
A critical flaw in the AWS Client VPN for macOS has been disclosed, presenting a local privilege escalation risk to non-administrator…
Multiple Chrome Vulnerabilities Expose Users to Arbitrary Code Execution Attacks
Google has released Chrome version 141.0.7390.65/.66 for Windows and Mac, along with 141.0.7390.65 for Linux, addressing multiple critical…
Zeroday Cloud hacking contest offers $4.5 million in bounties
A new hacking competition called Zeroday Cloud, focused on open-source cloud and AI tools, announced a total prize pool of $4.5…
Steam and Microsoft warn of Unity flaw exposing gamers to attacks
A code execution vulnerability in the Unity game engine could be exploited to achieve code execution on Android and privilege escalation on…
Unity Real-Time Development Platform Vulnerability Let Attackers Execute Arbitrary Code
Unity Technologies has issued a critical security advisory warning developers about a high-severity vulnerability affecting its widely used…
500X Surge in Scanning Targets Palo Alto and Cisco ASA
Enterprise security teams are on high alert after an extraordinary 500% spike in mass scanning activity was detected against Palo Alto…
Researcher Details Zero-Day Linux/Android Kernel Flaw (CVE-2025-38352)
researcher StreyPaws has published an in-depth analysis of CVE-2025-38352, a Time-of-Check to Time-of-Use (TOCTOU) race condition in the…
Chrome Security Update – Patch for 21 Vulnerabilities that Allows Attackers to Crash Browser
Google has released Chrome 141 to address 21 security vulnerabilities, including critical flaws that could allow attackers to crash browsers…
Qualcomm Wins “Complete Victory” Over Arm in Major Chip Licensing Lawsuit
The long-standing licensing dispute between Qualcomm and Arm has finally reached its conclusion. On October 1, a U.S. District Court formally…
Chrome 141 Stable Channel Update Patches High-Severity Vulnerabilities (CVE-2025-11205 & CVE-2025-11206)
The Chrome team has announced the promotion of Chrome 141 to the Stable Channel for Windows, Mac, and Linux. The release—version…
Red Hat Openshift AI Service Vulnerability Allow Attackers to Take Control of the Infrastructure
Red Hat published security advisory CVE-2025-10725, detailing an Important severity flaw in the OpenShift AI Service that could enable…
CISA Adds Five Actively Exploited Vulnerabilities to KEV Catalog
The threat landscape continues to evolve rapidly and staying ahead of actively exploited vulnerabilities is key to effective cybersecurity…
CISA Warns of Linux Sudo Vulnerability Actively Exploited in Attacks
CISA has issued an urgent advisory regarding a critical vulnerability in the Linux and Unix sudo utility CVE-2025-32463 that is currently…