Linux Security

Unmasked Origin: Infamous “OrBit” Linux Rootkit Exposed as a Fork of Open-Source Medusa OrBit Linux Rootkit Medusa Userland LD_PRELOAD Hooking

OrBit Linux Rootkit Medusa Userland LD_PRELOAD Hooking

Unmasked Origin: Infamous “OrBit” Linux Rootkit Exposed as a Fork of Open-Source Medusa

Ddos May 19, 2026

PamDOORa Backdoor Targets Linux PAM Stack to Steal Passwords and Wipe Logs PamDOORa Linux Backdoor PAM Stack Credential Harvesting

PamDOORa Linux Backdoor PAM Stack Credential Harvesting

PamDOORa Backdoor Targets Linux PAM Stack to Steal Passwords and Wipe Logs

Ddos May 12, 2026

The Q1 2026 Exploit Surge: AI Discovers the Flaws, APTs Reap the Rewards

AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

The Q1 2026 Exploit Surge: AI Discovers the Flaws, APTs Reap the Rewards

Ddos May 11, 2026

Trust Hijacked: Official JDownloader Website Breached to Distribute Malicious Installers JDownloader Breach Supply Chain Attack

JDownloader Breach Supply Chain Attack

Trust Hijacked: Official JDownloader Website Breached to Distribute Malicious Installers

Ddos May 9, 2026

Exploited in the Wild: “Dirty Frag” Linux Vulnerability Grants Instant Root Access Dirty Frag Vulnerability Linux Privilege Escalation

Dirty Frag Vulnerability Linux Privilege Escalation

Exploited in the Wild: “Dirty Frag” Linux Vulnerability Grants Instant Root Access

Ddos May 9, 2026

Nix Vulnerability Grants Root Access via NAR Parser Overflow CVE-2026-25137 Nix Daemon Privilege Escalation CVE-2026-44028

CVE-2026-25137 Nix Daemon Privilege Escalation CVE-2026-44028

Nix Vulnerability Grants Root Access via NAR Parser Overflow

Ddos May 6, 2026

Patch Now: GnuTLS Release 3.8.13 Fixes 12 Vulnerabilities GnuTLS Security Update DTLS Heap Overwrite GnuTLS Vulnerability CVE-2026-1584

GnuTLS Security Update DTLS Heap Overwrite GnuTLS Vulnerability CVE-2026-1584

Patch Now: GnuTLS Release 3.8.13 Fixes 12 Vulnerabilities

Ddos May 4, 2026

Crashing the Shield: The One-Line Script Taking Down ModSecurity v3 WAFs libmodsecurity3 Denial of Service WAF Security Vulnerability CVE-2025-27110 ModSecurity vulnerability, JSON DoS

libmodsecurity3 Denial of Service WAF Security Vulnerability CVE-2025-27110 ModSecurity vulnerability, JSON DoS

Crashing the Shield: The One-Line Script Taking Down ModSecurity v3 WAFs

Ddos May 1, 2026

Copy Fail: Public PoC and Full Details Disclosed for the 732-Byte Linux Root Exploit (CVE-2026-31431) Linux Kernel Root Exploit Copy Fail CVE-2026-31431

Linux Kernel Root Exploit Copy Fail CVE-2026-31431

Copy Fail: Public PoC and Full Details Disclosed for the 732-Byte Linux Root Exploit (CVE-2026-31431)

Ddos April 29, 2026

Legacy Leak: Deprecated GNU C Library Functions Spark New Security Fears glibc Security Legacy DNS Flaws glibc Vulnerabilities Linux Security Alert glibc Vulnerability CVE-2026-0861

glibc Security Legacy DNS Flaws glibc Vulnerabilities Linux Security Alert glibc Vulnerability CVE-2026-0861

Legacy Leak: Deprecated GNU C Library Functions Spark New Security Fears

Ddos April 29, 2026

Full Exploit Disclosed: Public PoC and Technical Details Released for Critical ProFTPD SQL Injection ProFTPD SQL Injection CVE-2026-42167 Exploit

ProFTPD SQL Injection CVE-2026-42167 Exploit

Full Exploit Disclosed: Public PoC and Technical Details Released for Critical ProFTPD SQL Injection

Ddos April 29, 2026

Linux Privilege Escalation: “Pack2TheRoot” Flaw Impacts Major Distributions Pack2TheRoot Vulnerability PackageKit Privilege Escalation

Pack2TheRoot Vulnerability PackageKit Privilege Escalation

Linux Privilege Escalation: “Pack2TheRoot” Flaw Impacts Major Distributions

Ddos April 23, 2026

Emergency .NET Update: Critical Data Protection Flaw Allows Authentication Forgery .NET 10 Auth Bypass CVE-2026-40372

.NET 10 Auth Bypass CVE-2026-40372

Emergency .NET Update: Critical Data Protection Flaw Allows Authentication Forgery

Ddos April 22, 2026

Three Silent Vulnerabilities Discovered in the glibc Core glibc Security Legacy DNS Flaws glibc Vulnerabilities Linux Security Alert glibc Vulnerability CVE-2026-0861

glibc Security Legacy DNS Flaws glibc Vulnerabilities Linux Security Alert glibc Vulnerability CVE-2026-0861

Three Silent Vulnerabilities Discovered in the glibc Core

Ddos April 21, 2026

High-Severity Use-After-Free Vulnerability Uncovered in Rsync Rsync Vulnerability Use-After-Free CVE-2022-29154 & CVE-2024-12084 CVE-2024-120845 PoC

Rsync Vulnerability Use-After-Free CVE-2022-29154 & CVE-2024-12084 CVE-2024-120845 PoC

High-Severity Use-After-Free Vulnerability Uncovered in Rsync

Ddos April 16, 2026

CVE-2026-4631: Critical 9.8 RCE Flaw in Cockpit Allows Unauthenticated Server Takeover Cockpit RCE CVE-2026-4631

Cockpit RCE CVE-2026-4631

CVE-2026-4631: Critical 9.8 RCE Flaw in Cockpit Allows Unauthenticated Server Takeover

Ddos April 14, 2026

Root Access at Risk: Critical Nix Sandbox Escape Overwrites Sensitive System Files Nix Sandbox Escape Root Escalation CVE-2024-45593

Nix Sandbox Escape Root Escalation CVE-2024-45593

Root Access at Risk: Critical Nix Sandbox Escape Overwrites Sensitive System Files

Ddos April 10, 2026

Critical Privilege Escalation in Checkmk: Root Access at Risk Checkmk Privilege Escalation

Checkmk Privilege Escalation

Critical Privilege Escalation in Checkmk: Root Access at Risk

Ddos April 10, 2026

Sandbox Escape: Critical Flatpak Flaw Grants Full Host Access Flatpak Sandbox Escape CVE-2026-34078

Flatpak Sandbox Escape CVE-2026-34078

Sandbox Escape: Critical Flatpak Flaw Grants Full Host Access

Ddos April 9, 2026

GPUBreach Rowhammer Hijacks GPUs for Full System Root GPUBreach GPU Rowhammer

GPUBreach GPU Rowhammer

GPUBreach Rowhammer Hijacks GPUs for Full System Root

Ddos April 7, 2026