ABB has identified a vulnerability, CVE-2026-31431, in its ABB Ability Edgenius platform, which affects versions 3.2.0.0 to 3.2.4.0. This vulnerability is linked to a flaw in the Linux kernel's cryptographic interface that could allow a locally authenticated user to gain elevated privileges, potentially leading to full control of the system. While there have been no reports of this vulnerability being exploited in the wild, ABB recommends that users update to version 3.2.4.1 to mitigate the risk. Users should also limit access to their systems to enhance security. This incident underscores the importance of timely software updates and access controls in protecting against potential exploits.
Articles tagged "Linux"
Found 89 articles
The OpenMandriva Linux project recently revealed that it faced an internal sabotage attempt linked to disagreements among contributors. This incident appears to stem from a conflict within the community, raising concerns about the integrity and collaboration in open-source projects. Though details on the specific actions taken during the sabotage were not disclosed, the situation emphasizes the challenges that open-source projects face when contributors disagree. Such internal strife can affect project stability and trust among users. As the open-source community relies heavily on collaboration, incidents like this can have broader implications for software development and user confidence.
Schneider Electric's PowerChute Serial Shutdown software has several vulnerabilities that could allow attackers to manipulate system files, inject malicious data, or gain unauthorized access to accounts. Versions 1.4 and earlier are affected by these security flaws, which include issues like improper path restrictions and output handling. If exploited, these vulnerabilities could disrupt services or expose sensitive information across critical sectors such as energy, healthcare, and transportation. Users of affected versions are urged to upgrade to version 1.5, which includes fixes for these issues. The vulnerabilities were disclosed recently, and it is crucial for organizations to address them promptly to mitigate potential risks.
A serious flaw known as GhostLock (CVE-2026-43499) has been discovered in the Linux kernel, affecting numerous distributions since 2011. This 15-year-old vulnerability allows any logged-in user to gain root access to an unpatched machine without needing special permissions or network access. Essentially, if users are logged in, they can exploit this flaw to take full control of the system. Given that this vulnerability has been included by default in nearly all mainstream Linux distributions, it poses a significant risk to users and organizations that have not applied the necessary patches. Immediate action is required to address this security issue, as it exposes systems to potential compromise and misuse.
A long-standing vulnerability in the Linux kernel has been identified that could allow attackers to escape from a virtual machine (VM) and gain root access to the host server. This bug has remained dormant for 16 years, affecting various Linux-based systems. If a hypervisor is compromised, it could lead to severe security risks, as attackers could take control of the underlying server. This incident raises concerns for organizations relying on virtualized environments, as the potential for unauthorized access could lead to data breaches or further exploitation. Companies using vulnerable versions of the Linux kernel should prioritize assessing their systems for this risk and consider applying available patches.
SCM feed for Latest
QuimaRAT is a new type of malware that can target multiple operating systems, including Windows, Linux, and macOS. It operates on a modular architecture, which means it can expand its capabilities through encrypted plugins that are delivered via a command-and-control infrastructure. This flexibility allows attackers to adapt the malware for various malicious purposes. The versatility of QuimaRAT raises concerns for users across different platforms, as it poses a significant risk to both personal and organizational security. Companies and individuals should be vigilant and consider implementing security measures to protect their systems from this evolving threat.
Siemens has identified multiple vulnerabilities in its SINEC OS, particularly affecting the RUGGEDCOM RST2428P product. The issues stem from improper input validation, leading to potential allocation failures that could compromise system operations. Siemens has recommended users upgrade to version 4.0 or later to mitigate these risks. The vulnerabilities have been assigned CVE identifiers, indicating their recognition in the cybersecurity community. This situation is significant as it affects industrial control systems, which are critical for operational integrity and security.
A serious vulnerability in the Linux Kernel-based Virtual Machine (KVM) has been discovered, allowing attackers to potentially escape from a virtual machine (VM) to the host system. This flaw, which is 16 years old, affects both Intel and AMD systems. Security researcher Hyunwoo Kim reported that the issue is a use-after-free vulnerability, enabling malicious code running in a guest VM to corrupt the memory of the host kernel. The implications are significant, as it could allow unauthorized access to sensitive data or control over the host. Organizations using affected systems should take immediate action to assess their vulnerability and apply necessary patches to safeguard their environments.
A vulnerability in the Linux KVM hypervisor has been discovered, allowing guest virtual machines (VMs) to escape and potentially compromise the host system. This flaw, identified as CVE-2026-53359 and nicknamed 'Januscape,' arises from a use-after-free bug within the shadow MMU code that is utilized by both Intel and AMD x86 architectures. Researchers have demonstrated a proof-of-concept that can crash the host machine, raising concerns about the security of virtualized environments. The existence of an unreleased exploit that could further exploit this vulnerability has also been claimed, suggesting that the risk is significant. Organizations using Linux KVM on affected systems should take immediate precautions to secure their environments.
A recent report highlights multiple vulnerabilities affecting various Linux distributions, including Debian, Ubuntu, and Fedora. These vulnerabilities could allow attackers to gain unauthorized access or execute arbitrary code on affected systems. Researchers found that these issues stem from flaws in critical components like the Linux kernel and system libraries. Users and administrators of Linux systems need to prioritize patching their systems to mitigate potential risks. The widespread use of Linux in servers and cloud environments makes these vulnerabilities particularly concerning, as they could lead to significant data breaches or service disruptions.
Help Net Security
Attackers are currently exploiting a vulnerability in SimpleHelp, identified as CVE-2026-48558, which allows for an authentication bypass. This vulnerability has been patched, but it is actively being used to deploy Djinn Stealer malware on victim systems. Djinn Stealer is a versatile piece of malware that targets various operating systems, including Windows, macOS, and Linux. It collects sensitive credentials from a wide range of applications, including cloud services, source control, and cryptocurrency wallets. The situation poses a significant risk to users of SimpleHelp, particularly managed service providers, as the malware can compromise sensitive data and systems.
This week, a new vulnerability named DirtyClone was discovered in the Linux kernel, allowing local attackers to escalate privileges. This flaw emphasizes how even minor oversights, such as unpatched vulnerabilities or outdated access paths, can lead to significant security breaches. The threat is particularly concerning for users of affected Linux distributions, as attackers could potentially exploit this vulnerability to gain unauthorized access to sensitive systems. Additionally, discussions are underway in various forums about other emerging threats, including AI-driven malware tactics and the Turla backdoor, which could further complicate the security landscape. Organizations are urged to stay vigilant and apply necessary updates to protect against these risks.
Hackers are taking advantage of a serious vulnerability (CVE-2026-48558) in SimpleHelp, a remote support software, to deploy a new type of malware known as Djinn Stealer. This malware is capable of stealing information across multiple operating systems, including Windows, macOS, and Linux. Users of SimpleHelp are at risk as the flaw allows attackers to infiltrate systems and extract sensitive data without detection. The emergence of this undocumented malware raises concerns about the security of remote support tools, as they are commonly used by businesses and individuals for remote access. It is crucial for users to remain vigilant and apply any necessary updates to protect their information.
Cybersecurity researchers have identified two hijacked npm packages and several compromised Go packages that are being used to deliver a Python-based information stealer to affected systems. This malware targets Windows, Linux, and macOS devices, making it a broad threat to developers and users of these platforms. Notably, the attack circumvents common npm execution paths, which may be an effort to bypass security measures introduced in npm version 12. The presence of these malicious packages poses a significant risk, as they could lead to unauthorized data access and theft. Developers and users need to be vigilant and ensure they are not using these compromised packages in their projects.
Recently, two proof-of-concept (PoC) exploits for vulnerabilities in the Linux kernel have been published, enabling local privilege escalation. One of these flaws is known as DirtyClone, which is related to the DirtyFrag vulnerability class. These vulnerabilities could allow attackers with local access to escalate their privileges, potentially gaining control over sensitive system functions. This is particularly concerning for systems that rely heavily on Linux, as it could lead to unauthorized access to critical data and services. Users and administrators should be aware of these vulnerabilities and take necessary precautions to secure their systems against potential exploitation.