{"id":298,"date":"2026-04-03T04:44:29","date_gmt":"2026-04-03T04:44:29","guid":{"rendered":"https:\/\/thelinuxreport.com\/linux\/?page_id=298"},"modified":"2026-04-03T04:58:34","modified_gmt":"2026-04-03T04:58:34","slug":"security-news","status":"publish","type":"page","link":"https:\/\/thelinuxreport.com\/linux\/?page_id=298","title":{"rendered":"Security News"},"content":{"rendered":"<p><a id=\"top\"><\/a><br \/>\n<!-- START of newsPage output --><div class=\"feed-grid\"><div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Fit.slashdot.org%2F\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/it.slashdot.org\/\" target=\"_blank\" rel=\"noopener\">Slashdot: IT<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/it.slashdot.org\/story\/26\/05\/18\/1946245\/new-windows-miniplasma-zero-day-exploit-gives-system-access-poc-released?utm_source=rss1.0mainlinkanon&#038;utm_medium=feed\" target=\"_blank\" rel=\"noopener\">New Windows &#039;MiniPlasma&#039; Zero-Day Exploit Gives SYSTEM Access, PoC Released<span><b>18 May 2026, 10:00 pm<\/b><br \/>A researcher known as Chaotic Eclipse has released a proof-of-concept exploit for a new Windows zero-day dubbed MiniPlasma, which BleepingComputer confirmed can grant SYSTEM privileges on fully patched Windows 11 systems. The researcher claims the bug is effectively a still-exploitable version of a 2020 flaw Microsoft said it had fixed. From the report: At the time, the flaw was assigned the CVE-2020-17103 identifier and reportedly fixed in December 2020. &quot;After investigating, it turns out the e...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/it.slashdot.org\/story\/26\/05\/17\/2053257\/microsoft-exchange-server-vulnerability-actively-exploited-in-a-bad-week-for-microsoft?utm_source=rss1.0mainlinkanon&#038;utm_medium=feed\" target=\"_blank\" rel=\"noopener\">Microsoft Exchange Server Vulnerability Actively Exploited, in a Bad Week for Microsoft<span><b>17 May 2026, 8:56 pm<\/b><br \/>Forbes describes it as &quot;definitely already out there, and under active exploitation according to the U.S. Cybersecurity and Infrastructure Security Agency, urging all organizations to prioritize timely remediation as the attack vector poses a significant risk.&quot; \n\n&quot;We have issued CVE-2026-42897 to address a spoofing vulnerability affecting Exchange Outlook Web Access (OWA),&quot; Microsoft told SecurityWeek. &quot;We recommend customers enable EEMS to be better protected, and to follow our guidance availab...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/news.slashdot.org\/story\/26\/05\/16\/2110220\/sysadmin-creates-modulejail-to-automatically-blacklist-unused-kernel-modules?utm_source=rss1.0mainlinkanon&#038;utm_medium=feed\" target=\"_blank\" rel=\"noopener\">Sysadmin Creates &#039;ModuleJail&#039; To Automatically Blacklist Unused Kernel Modules<span><b>17 May 2026, 3:34 pm<\/b><br \/>Long-time Slashdot reader internet-redstar shares an interestging response to &quot;the recent wave of Linux kernel privilege escalation vulnerabilities like &#039;Copy Fail&#039; and &#039;Dirty Frag&#039;&quot;:\n\nBelgian Linux sysadmin and Tesla Hacker &quot;Jasper Nuyens&quot; got tired of the idea of manually blacklisting dozens or even hundreds of obscure kernel modules across large fleets of Linux systems in the near future.\nSo he wrote ModuleJail, a GPLv3 shell script that scans a running Linux system and automatically blacklis...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/apple.slashdot.org\/story\/26\/05\/16\/1643203\/anthropics-mythos-helped-build-a-working-macos-exploit-in-five-days?utm_source=rss1.0mainlinkanon&#038;utm_medium=feed\" target=\"_blank\" rel=\"noopener\">Anthropic&#039;s Mythos Helped Build a Working macOS Exploit in Five Days<span><b>16 May 2026, 6:34 pm<\/b><br \/>&quot;The vulnerability is simple in practice,&quot; writes Tom&#039;s Hardware: &quot;run a command as a standard user and gain root (administrator) access to the machine.&quot;\n\nAnd it was Mythos Preview that helped the security researchers at Palo Alto-based Calif bypass a five-year Apple security effort in just five days. The blog 9to5Mac reports:\n\nLast year, Apple introduced Memory Integrity Enforcement (MIE), a hardware-assisted memory safety system designed to make memory corruption exploits much harder to execut...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/it.slashdot.org\/story\/26\/05\/16\/0451234\/why-is-the-us-job-market-so-tough-especially-for-recent-college-grads?utm_source=rss1.0mainlinkanon&#038;utm_medium=feed\" target=\"_blank\" rel=\"noopener\">Why Is the US Job Market So Tough, Especially for Recent College Grads?<span><b>16 May 2026, 2:34 pm<\/b><br \/>What&#039;s going on with the U.S. job market? &quot;The economy is growing. Unemployment is low,&quot; notes the Washington Post. &quot;And yet, for millions of workers, finding a job has become harder than at almost any other point in decades,&quot; with the hiring rate &quot;well below pre-pandemic levels for more than a year.&quot; \n\n Part of the problem? &quot;Of the net 369,000 positions added across the entire economy since the start of 2025, health care alone accounted for nearly 800,000 \u2014 meaning every other sector, taken t...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/linux.slashdot.org\/story\/26\/05\/16\/0332211\/linux-kernel-outlines-what-qualifies-as-a-security-bug-responsible-ai-use?utm_source=rss1.0mainlinkanon&#038;utm_medium=feed\" target=\"_blank\" rel=\"noopener\">Linux Kernel Outlines What Qualifies As A Security Bug, Responsible AI Use<span><b>16 May 2026, 11:00 am<\/b><br \/>The Linux 7.1 kernel has added new documentation clarifying what qualifies as a security bug and how AI-assisted vulnerability reports should be handled. Phoronix reports: Stemming from the recent influx of security bugs to the Linux kernel as well as an uptick in bug and security reports from discoveries made in full or in part with AI, additional documentation was warranted. Longtime Linux developer Willy Tarreau took to authoring the additional documentation around kernel bugs. To summarize (...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/it.slashdot.org\/story\/26\/05\/15\/1858235\/bitwarden-scrubs-always-free-and-inclusion-values-from-its-website?utm_source=rss1.0mainlinkanon&#038;utm_medium=feed\" target=\"_blank\" rel=\"noopener\">Bitwarden Scrubs &#039;Always Free&#039; and &#039;Inclusion&#039; Values From Its Website<span><b>15 May 2026, 9:00 pm<\/b><br \/>Bitwarden appears to be undergoing a quiet shift in leadership and messaging. Its longtime CEO and CFO have stepped down, while the company has removed &quot;Always free&quot; from a prominent password-manager page and replaced &quot;Inclusion&quot; and &quot;Transparency&quot; in its GRIT values with &quot;Innovation&quot; and &quot;Trust.&quot; Fast Company reports: In February, longtime CEO Michael Crandell moved to an advisory role, according to LinkedIn, with no announcement from the company. His replacement, Michael Sullivan, former CEO o...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/science.slashdot.org\/story\/26\/05\/15\/0225226\/spacex-unveils-sweeping-starship-v3-upgrades?utm_source=rss1.0mainlinkanon&#038;utm_medium=feed\" target=\"_blank\" rel=\"noopener\">SpaceX Unveils Sweeping Starship V3 Upgrades<span><b>15 May 2026, 7:00 am<\/b><br \/>SpaceX has detailed major Starship V3 upgrades ahead of a launch targeted as early as May 19. The changes are meant to move Starship closer to its core goals: rapid reuse, Starlink deployment, orbital refueling, and eventually Moon and Mars missions. Longtime Slashdot reader schwit1 shares a report from Teslarati: Here is an explicit, broken-down list of the key changes, first starting with the changes to Super Heavy V3:\n \n- Grid Fin Redesign: Reduced from four fins to three. Each fin is now 50%...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/tech.slashdot.org\/story\/26\/05\/14\/0554201\/mystery-microsoft-bug-leaker-keeps-the-zero-days-coming?utm_source=rss1.0mainlinkanon&#038;utm_medium=feed\" target=\"_blank\" rel=\"noopener\">Mystery Microsoft Bug Leaker Keeps the Zero-Days Coming<span><b>14 May 2026, 11:00 am<\/b><br \/>An anonymous researcher known as Nightmare-Eclipse, who has already leaked several Windows zero-days this year, has disclosed two more: YellowKey and GreenPlasma. The Register reports: Nightmare-Eclipse described YellowKey as &quot;one of the most insane discoveries I ever found.&quot; They provided the files, which have to be loaded onto a USB drive, and if the attacker completes the key sequence correctly, they are granted unrestricted shell access to a BitLocker-protected machine. When it comes to clai...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/linux.slashdot.org\/story\/26\/05\/13\/1621258\/fragnesia-made-public-as-latest-linux-local-privilege-escalation-vulnerability?utm_source=rss1.0mainlinkanon&#038;utm_medium=feed\" target=\"_blank\" rel=\"noopener\">Fragnesia Made Public As Latest Linux Local Privilege Escalation Vulnerability<span><b>13 May 2026, 7:00 pm<\/b><br \/>A new Linux local privilege escalation flaw called Fragnesia has been disclosed as a Dirty Frag-like vulnerability, allowing arbitrary byte writes into the kernel page cache of read-only files through a separate ESP\/XFRM logic bug. Phoronix reports: Proof of concept code for Fragnesia is already out there. There is a two-line patch for addressing the issue within the Linux kernel&#039;s skbuff.c code. That patch hasn&#039;t yet been mainlined or picked up by any mainline kernel releases but presumably wil...<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Fwww.ghacks.net%2F\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/www.ghacks.net\/\" target=\"_blank\" rel=\"noopener\">gHacks<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/www.ghacks.net\/2026\/05\/18\/meta-opens-ray-ban-display-glasses-to-third-party-developers-through-wearables-toolkit\/\" target=\"_blank\" rel=\"noopener\">Meta Opens Ray-Ban Display Glasses to Third-Party Developers Through Wearables Toolkit<span><b>18 May 2026, 10:09 am<\/b><br \/>Meta has opened a developer preview of its Ray-Ban Display smart glasses, allowing third-party apps to access the in-lens display for the first time.\nThank you for being a Ghacks reader. The post Meta Opens Ray-Ban Display Glasses to Third-Party Developers Through Wearables Toolkit appeared first on gHacks....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.ghacks.net\/2026\/05\/18\/openai-launches-personal-finance-experience-in-chatgpt-for-pro-users-in-the-us\/\" target=\"_blank\" rel=\"noopener\">OpenAI Launches Personal Finance Experience in ChatGPT for Pro Users in the US<span><b>18 May 2026, 9:57 am<\/b><br \/>OpenAI has introduced a preview of a personal finance feature in ChatGPT for Pro users in the United States.\nThank you for being a Ghacks reader. The post OpenAI Launches Personal Finance Experience in ChatGPT for Pro Users in the US appeared first on gHacks....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.ghacks.net\/2026\/05\/18\/linus-torvalds-says-ai-generated-bug-reports-have-made-linux-security-mailing-list-unmanageable\/\" target=\"_blank\" rel=\"noopener\">Linus Torvalds Says AI-Generated Bug Reports Have Made Linux Security Mailing List Unmanageable<span><b>18 May 2026, 9:25 am<\/b><br \/>Linux creator Linus Torvalds has said that the Linux kernel&#039;s security mailing list has become almost impossible to manage due to an influx of AI-generated bug \nThank you for being a Ghacks reader. The post Linus Torvalds Says AI-Generated Bug Reports Have Made Linux Security Mailing List Unmanageable appeared first on gHacks....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.ghacks.net\/2026\/05\/18\/steam-controller-reservation-emails-begin-going-out-with-72-hour-purchase-windows\/\" target=\"_blank\" rel=\"noopener\">Steam Controller Reservation Emails Begin Going Out With 72-Hour Purchase Windows<span><b>18 May 2026, 7:30 am<\/b><br \/>Valve has started sending reservation emails to people on the Steam Controller waitlist, giving eligible buyers a chance to complete their purchase.\nThank you for being a Ghacks reader. The post Steam Controller Reservation Emails Begin Going Out With 72-Hour Purchase Windows appeared first on gHacks....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.ghacks.net\/2026\/05\/17\/firefox-gains-6-million-users-since-eu-browser-choice-screen-rules-took-effect\/\" target=\"_blank\" rel=\"noopener\">Firefox Gains 6 Million Users Since EU Browser Choice Screen Rules Took Effect<span><b>17 May 2026, 8:04 am<\/b><br \/>Since 2024, Firefox has gained 6 million users, mainly due to browser choice screens introduced under the EU Digital Markets Act, according to data from The Reg\nThank you for being a Ghacks reader. The post Firefox Gains 6 Million Users Since EU Browser Choice Screen Rules Took Effect appeared first on gHacks....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.ghacks.net\/2026\/05\/17\/meta-launches-incognito-chat-with-meta-ai-for-private-conversations-on-whatsapp-and-meta-ai-app\/\" target=\"_blank\" rel=\"noopener\">Meta Launches Incognito Chat With Meta AI for Private Conversations on WhatsApp and Meta AI App<span><b>17 May 2026, 7:56 am<\/b><br \/>Meta has introduced Incognito Chat with Meta AI, a new mode for WhatsApp and the Meta AI app that offers private conversations, which the company claims cannot \nThank you for being a Ghacks reader. The post Meta Launches Incognito Chat With Meta AI for Private Conversations on WhatsApp and Meta AI App appeared first on gHacks....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.ghacks.net\/2026\/05\/16\/windows-11-build-26300-8493-brings-movable-taskbar-smaller-taskbar-mode-and-fluid-dictation-to-more-languages\/\" target=\"_blank\" rel=\"noopener\">Windows 11 Build 26300.8493 Brings Movable Taskbar, Smaller Taskbar Mode, and Fluid Dictation to More Languages<span><b>16 May 2026, 11:08 am<\/b><br \/>Microsoft has released Windows 11 Build 26300.\nThank you for being a Ghacks reader. The post Windows 11 Build 26300.8493 Brings Movable Taskbar, Smaller Taskbar Mode, and Fluid Dictation to More Languages appeared first on gHacks....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.ghacks.net\/2026\/05\/16\/forza-horizon-6-hits-172000-concurrent-steam-players-in-early-access-more-than-double-forza-horizon-5s-peak\/\" target=\"_blank\" rel=\"noopener\">Forza Horizon 6 Hits 172,000 Concurrent Steam Players in Early Access, More Than Double Forza Horizon 5&#039;s Peak<span><b>16 May 2026, 10:54 am<\/b><br \/>Forza Horizon 6 reached a peak of 172,093 concurrent players on Steam within hours of its $120 Premium Edition early access launch on May 14, 2026, according to\nThank you for being a Ghacks reader. The post Forza Horizon 6 Hits 172,000 Concurrent Steam Players in Early Access, More Than Double Forza Horizon 5&#039;s Peak appeared first on gHacks....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.ghacks.net\/2026\/05\/15\/forza-horizon-6-pc-system-requirements-published-ahead-of-may-19-launch\/\" target=\"_blank\" rel=\"noopener\">Forza Horizon 6 PC System Requirements Published Ahead of May 19 Launch<span><b>15 May 2026, 10:26 am<\/b><br \/>Playground Games has revealed the full PC system requirements for Forza Horizon 6 ahead of its launch on May 19 for Xbox Series X|S and PC.\nThank you for being a Ghacks reader. The post Forza Horizon 6 PC System Requirements Published Ahead of May 19 Launch appeared first on gHacks....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.ghacks.net\/2026\/05\/15\/tired-of-ai-in-google-search-heres-how-to-remove-ai-overviews-and-knowledge-cards\/\" target=\"_blank\" rel=\"noopener\">Tired of AI in Google Search? Here&#039;s How To Remove AI Overviews and Knowledge Cards<span><b>15 May 2026, 10:23 am<\/b><br \/>Google Search offers a Web filter mode that removes AI Overviews, Knowledge cards, hotel listings, flight panels, and other content injected by Google from sear\nThank you for being a Ghacks reader. The post Tired of AI in Google Search? Here&#039;s How To Remove AI Overviews and Knowledge Cards appeared first on gHacks....<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Fwww.cisa.gov%2F\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/www.cisa.gov\/\" target=\"_blank\" rel=\"noopener\">All CISA Advisories<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2026\/05\/15\/cisa-adds-one-known-exploited-vulnerability-catalog\" target=\"_blank\" rel=\"noopener\">CISA Adds One Known Exploited Vulnerability to Catalog<span><b>15 May 2026, 12:00 pm<\/b><br \/>CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.\n\nCVE-2026-42897 Microsoft Exchange Server Cross-Site Scripting Vulnerability\n\nThis type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.\nBinding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-26-134-08\" target=\"_blank\" rel=\"noopener\">Siemens Siemens ROS#<span><b>14 May 2026, 12:00 pm<\/b><br \/>View CSAF\nSummary\nROS# contains a ROS service file_server, that before version 2.2.2 contains a path traversal vulnerability which could allow an attacker to access, i.e. read and write, arbitrary files, which are accessible with the user rights of the user that runs the service, on the system that hosts service. Siemens has released a new version for ROS# and recommends to update to the latest version.\nThe following versions of Siemens Siemens ROS# are affected:\n\nROS# vers:intdot\/&lt;2.2.2\n\n\n\n\n...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-26-134-15\" target=\"_blank\" rel=\"noopener\">Siemens SIMATIC S7 PLC Web Server<span><b>14 May 2026, 12:00 pm<\/b><br \/>View CSAF\nSummary\nSIMATIC S7 PLCs contain multiple vulnerabilities in the web server that could allow an attacker to perform cross-site scripting attacks. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.\nThe following versions of Siemens SIMATIC S7 PLC Web Server are affected:\n\nSIMATIC Drive Contr...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-26-134-02\" target=\"_blank\" rel=\"noopener\">Siemens Ruggedcom Rox<span><b>14 May 2026, 12:00 pm<\/b><br \/>View CSAF\nSummary\nRuggedcom Rox contains an improper access control vulnerability that could allow an authenticated remote attacker to read arbitrary files with root privileges from the underlying operating system&#039;s filesystem. Siemens has released new versions for the affected products and recommends to update to the latest versions.\nThe following versions of Siemens Ruggedcom Rox are affected:\n\nRUGGEDCOM ROX MX5000 vers:intdot\/&lt;2.17.1\nRUGGEDCOM ROX MX5000RE vers:intdot\/&lt;2.17.1\u00a0\nRUGGEDCO...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-26-134-09\" target=\"_blank\" rel=\"noopener\">Siemens Opcenter RDnL<span><b>14 May 2026, 12:00 pm<\/b><br \/>View CSAF\nSummary\nOpcenter RDnL is affected by missing authentication in critical function in \u2018ActiveMQ Artemis\u2019. An unauthenticated attacker within the adjacent network could use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This could potentially result in availability impacts or message injection into any queue via the rogue broker. Breaking the integrity of a message has a low impact due to missing a...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-26-134-14\" target=\"_blank\" rel=\"noopener\">Siemens SENTRON 7KT PAC1261 Data Manager<span><b>14 May 2026, 12:00 pm<\/b><br \/>View CSAF\nSummary\nThe web server in SENTRON 7KT PAC1261 Data Manager Before V2.1.0 contains a request smuggling vulnerability in the Go Project&#039;s net\/http package that could allow an attacker to retrieve authorization tokens that can be used to gain administrative control over the device. Siemens has released a new version for SENTRON 7KT PAC1261 Data Manager and recommends to update to the latest version.\nThe following versions of Siemens SENTRON 7KT PAC1261 Data Manager are affected:\n\nSENTRON ...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-26-134-03\" target=\"_blank\" rel=\"noopener\">Siemens Solid Edge<span><b>14 May 2026, 12:00 pm<\/b><br \/>View CSAF\nSummary\nSolid Edge SE2026 before Update 5 is affected by two file parsing vulnerabilities that could be triggered when the application reads specially crafted files in PAR format. This could allow an attacker to crash the application or execute arbitrary code. Siemens has released a new version for Solid Edge SE2026 and recommends to update to the latest version.\nThe following versions of Siemens Solid Edge are affected:\n\nSolid Edge vers:intdot\/&lt;226.0.5\u00a0\n\n\n\n\n\nCVSS\nVendor\nEquipment\n...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-26-134-13\" target=\"_blank\" rel=\"noopener\">Siemens SIPROTEC 5<span><b>14 May 2026, 12:00 pm<\/b><br \/>View CSAF\nSummary\nThe SIPROTEC 5 devices do not use sufficiently random numbers to generate session identifiers. This could facilitate a brute-force attack against a valid session identifier which could allow an unauthenticated remote attacker to hijack a valid user session. The affected session identifiers are only used in a subset of the endpoints that are provided by the affected products. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or no...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-26-134-11\" target=\"_blank\" rel=\"noopener\">Siemens Ruggedcom Rox<span><b>14 May 2026, 12:00 pm<\/b><br \/>View CSAF\nSummary\nRuggedcom Rox contains an input validation vulnerability in the feature key installation process that could allow an authenticated remote attacker to execute arbitrary commands with root privileges on the underlying operating system. Siemens has released new versions for the affected products and recommends to update to the latest versions.\nThe following versions of Siemens Ruggedcom Rox are affected:\n\nRUGGEDCOM ROX MX5000 vers:intdot\/&lt;2.17.1\nRUGGEDCOM ROX MX5000RE vers:intd...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-26-134-17\" target=\"_blank\" rel=\"noopener\">Universal Robots Polyscope 5<span><b>14 May 2026, 12:00 pm<\/b><br \/>View CSAF\nSummary\nSuccessful exploitation of these vulnerabilities could allow an attacker to bypass authentication and execute code.\nThe following versions of Universal Robots Polyscope 5 are affected:\n\nPolyscope 5 &lt;5.25.1\u00a0\n\n\n\n\n\nCVSS\nVendor\nEquipment\nVulnerabilities\n\n\n\n\nv3 9.8\nUniversal Robots\nUniversal Robots Polyscope 5\nImproper Neutralization of Special Elements used in an OS Command (&#039;OS Command Injection&#039;)\n\n\n\n\nBackground\n\nCritical Infrastructure Sectors: Critical Manufacturing\nCountrie...<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Fthehackernews.com%2F\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/thehackernews.com\/\" target=\"_blank\" rel=\"noopener\">The Hacker News<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/thehackernews.com\/2026\/05\/interpol-operation-ramz-disrupts-mena.html\" target=\"_blank\" rel=\"noopener\">INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests<span><b>18 May 2026, 5:21 pm<\/b><br \/>INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and the identification of an additional 382 suspects.\nThe initiative involved the efforts of 13 countries from the region between October 2025 and February 2026, aiming to investigate and neutralize malicious infrastructure, arrest perpetrators behind these...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/thehackernews.com\/2026\/05\/weekly-recap-exchange-0-day-npm-worm.html\" target=\"_blank\" rel=\"noopener\">\u26a1 Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More<span><b>18 May 2026, 1:50 pm<\/b><br \/>Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted.\nThe pattern is clear. One weak dependency can leak keys. One leaked key can open cloud access. One cloud foothold can become a production...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/thehackernews.com\/2026\/05\/how-to-reduce-phishing-exposure-before.html\" target=\"_blank\" rel=\"noopener\">How to Reduce Phishing Exposure Before It Turns into Business Disruption<span><b>18 May 2026, 1:00 pm<\/b><br \/>What happens when a phishing email looks clean enough to pass through security, but dangerous enough to expose the business after one click? That is the gap many SOCs still struggle with: the attacks that leave teams unsure what was exposed, who else was targeted, and how far the risk has spread.\nEarly phishing detection closes that gap. It helps teams move from uncertainty to evidence faster,...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/thehackernews.com\/2026\/05\/developer-workstations-are-now-part-of.html\" target=\"_blank\" rel=\"noopener\">Developer Workstations Are Now Part of the Software Supply Chain<span><b>18 May 2026, 11:23 am<\/b><br \/>Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns hit npm, PyPI, and Docker Hub in a 48-hour window, and all three targeted secrets from developer environments and CI\/CD pipelines, including API keys, cloud credentials, SSH keys, and tokens. This is...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/thehackernews.com\/2026\/05\/ivanti-fortinet-sap-vmware-n8n-patch.html\" target=\"_blank\" rel=\"noopener\">Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws<span><b>18 May 2026, 10:54 am<\/b><br \/>Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code.\nTopping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks.\n&quot;External control of a file name...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/thehackernews.com\/2026\/05\/miniplasma-windows-0-day-enables-system.html\" target=\"_blank\" rel=\"noopener\">MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems<span><b>18 May 2026, 8:57 am<\/b><br \/>Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw that grants attackers SYSTEM privileges on fully patched Windows systems.\nCodenamed MiniPlasma, the vulnerability impacts &quot;cldflt.sys,&quot; which refers to the Windows Cloud Files Mini Filter Driver,...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/thehackernews.com\/2026\/05\/four-malicious-npm-packages-deliver.html\" target=\"_blank\" rel=\"noopener\">Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware<span><b>18 May 2026, 8:57 am<\/b><br \/>Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-sourced by TeamPCP.\nThe list of identified packages is below -\n\nchalk-tempalte (825 Downloads)\n@deadcode09284814\/axios-util (284 Downloads)\naxois-utils (963 Downloads)\ncolor-style-utils (934 Downloads)\n\n&quot;One of the packages (chalk-tempalte)...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/thehackernews.com\/2026\/05\/pre-stuxnet-fast16-malware-tampered.html\" target=\"_blank\" rel=\"noopener\">Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations<span><b>18 May 2026, 6:46 am<\/b><br \/>A new analysis of the Lua-based fast16 malware has confirmed that it was a cyber sabotage tool designed to tamper with nuclear weapons testing simulations.\nAccording to Broadcom-owned Symantec and Carbon Black teams, the pre-Stuxnet tool was engineered to corrupt uranium-compression simulations that are central to nuclear weapon design.\n&quot;Fast16&#039;s hook engine is selectively interested in...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/thehackernews.com\/2026\/05\/nginx-cve-2026-42945-exploited-in-wild.html\" target=\"_blank\" rel=\"noopener\">NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE<span><b>17 May 2026, 11:57 am<\/b><br \/>A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public disclosure, according to VulnCheck.\nThe vulnerability, tracked as CVE-2026-42945 (CVSS score: 9.2), is a heap buffer overflow in ngx_http_rewrite_module affecting NGINX versions 0.6.27 through 1.30.0. According to AI-native security company depthfirst, the...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/thehackernews.com\/2026\/05\/grafana-github-token-breach-led-to.html\" target=\"_blank\" rel=\"noopener\">Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt<span><b>17 May 2026, 7:13 am<\/b><br \/>Grafana has disclosed that an &quot;unauthorized party&quot; obtained a token that granted them the ability to access the company&#039;s GitHub environment and download its codebase.\n\n\n  &quot;Our investigation has determined that no customer data or personal information was accessed during this incident, and we have found no evidence of impact to customer systems or operations,&quot; Grafana\n  said\n  in a series of...<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Fkrebsonsecurity.com%2F\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/krebsonsecurity.com\/\" target=\"_blank\" rel=\"noopener\">Krebs on Security<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/krebsonsecurity.com\/2026\/05\/cisa-admin-leaked-aws-govcloud-keys-on-github\/\" target=\"_blank\" rel=\"noopener\">CISA Admin Leaked AWS GovCloud Keys on Github<span><b>18 May 2026, 8:48 pm<\/b><br \/>Until this past weekend, a contractor for the Cybersecurity &amp; Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/krebsonsecurity.com\/2026\/05\/patch-tuesday-may-2026-edition\/\" target=\"_blank\" rel=\"noopener\">Patch Tuesday, May 2026 Edition<span><b>12 May 2026, 9:46 pm<\/b><br \/>Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers -- including Apple, Google, Microsoft, Mozilla and Oracle -- fixing near record volumes of security bugs, and\/or quickening the tempo of their patch releases....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/krebsonsecurity.com\/2026\/05\/canvas-breach-disrupts-schools-colleges-nationwide\/\" target=\"_blank\" rel=\"noopener\">Canvas Breach Disrupts Schools &amp; Colleges Nationwide<span><b>8 May 2026, 2:58 am<\/b><br \/>An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service&#039;s login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/krebsonsecurity.com\/2026\/04\/anti-ddos-firm-heaped-attacks-on-brazilian-isps\/\" target=\"_blank\" rel=\"noopener\">Anti-DDoS Firm Heaped Attacks on Brazilian ISPs<span><b>30 April 2026, 2:04 pm<\/b><br \/>A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm&#039;s chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company&#039;s public image....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/krebsonsecurity.com\/2026\/04\/scattered-spider-member-tylerb-pleads-guilty\/\" target=\"_blank\" rel=\"noopener\">\u2018Scattered Spider\u2019 Member \u2018Tylerb\u2019 Pleads Guilty<span><b>21 April 2026, 2:53 pm<\/b><br \/>A 24-year-old British national and senior member of the cybercrime group &quot;Scattered Spider&quot; has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology companies and steal tens of millions of dollars worth of cryptocurrency from investors....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/krebsonsecurity.com\/2026\/04\/patch-tuesday-april-2026-edition\/\" target=\"_blank\" rel=\"noopener\">Patch Tuesday, April 2026 Edition<span><b>14 April 2026, 9:47 pm<\/b><br \/>Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed &quot;BlueHammer.&quot; Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/krebsonsecurity.com\/2026\/04\/russia-hacked-routers-to-steal-microsoft-office-tokens\/\" target=\"_blank\" rel=\"noopener\">Russia Hacked Routers to Steal Microsoft Office Tokens<span><b>7 April 2026, 5:02 pm<\/b><br \/>Hackers linked to Russia&#039;s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/krebsonsecurity.com\/2026\/04\/germany-doxes-unkn-head-of-ru-ransomware-gangs-revil-gandcrab\/\" target=\"_blank\" rel=\"noopener\">Germany Doxes \u201cUNKN,\u201d Head of RU Ransomware Gangs REvil, GandCrab<span><b>6 April 2026, 2:07 am<\/b><br \/>An elusive hacker who went by the handle &quot;UNKN&quot; and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/krebsonsecurity.com\/2026\/03\/canisterworm-springs-wiper-attack-targeting-iran\/\" target=\"_blank\" rel=\"noopener\">\u2018CanisterWorm\u2019 Springs Wiper Attack Targeting Iran<span><b>23 March 2026, 3:43 pm<\/b><br \/>A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran&#039;s time zone or have Farsi set as the default language....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/krebsonsecurity.com\/2026\/03\/feds-disrupt-iot-botnets-behind-huge-ddos-attacks\/\" target=\"_blank\" rel=\"noopener\">Feds Disrupt IoT Botnets Behind Huge DDoS Attacks<span><b>20 March 2026, 12:49 am<\/b><br \/>The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets -- named Aisuru, Kimwolf, JackSkid and Mossad -- are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline....<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Fwww.schneier.com%2F\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/www.schneier.com\/\" target=\"_blank\" rel=\"noopener\">Schneier on Security<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/www.schneier.com\/blog\/archives\/2026\/05\/zero-day-exploit-against-windows-bitlocker.html\" target=\"_blank\" rel=\"noopener\">Zero-Day Exploit Against Windows BitLocker<span><b>18 May 2026, 11:08 am<\/b><br \/>It\u2019s nasty, but it requires physical access to the computer:\nThe exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in a secured piece of hardware known as a trusted platform module (TPM). BitLocker is a mandatory protection...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.schneier.com\/blog\/archives\/2026\/05\/friday-squid-blogging-bigfin-squid.html\" target=\"_blank\" rel=\"noopener\">Friday Squid Blogging: Bigfin Squid<span><b>16 May 2026, 1:03 am<\/b><br \/>Article about the bigfin squid.\nAs usual, you can also use this squid post to talk about the security stories in the news that I haven\u2019t covered.\nBlog moderation policy....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.schneier.com\/blog\/archives\/2026\/05\/bypassing-on-camera-age-verification-checks.html\" target=\"_blank\" rel=\"noopener\">Bypassing On-Camera Age-Verification Checks<span><b>15 May 2026, 11:06 am<\/b><br \/>Some AI-based video age-verification checks can be fooled with a fake mustache....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.schneier.com\/blog\/archives\/2026\/05\/upcoming-speaking-engagements-56.html\" target=\"_blank\" rel=\"noopener\">Upcoming Speaking Engagements<span><b>14 May 2026, 4:01 pm<\/b><br \/>This is a current list of where and when I am scheduled to speak:\n\nI\u2019m giving a virtual talk on \u201cThe Security of Trust in the Age of AI,\u201d hosted by the Financial Women\u2019s Association of New York, at 6:00 PM ET on May 21, 2026.\nI\u2019m speaking at the Potsdam Conference on National Cybersecurity\u00a0at the Hasso Plattner Institut in Potsdam, Germany. The event runs June 24\u201325, 2026, and my talk will be the evening of June 24.\nI\u2019m speaking at the Digital Humanism Conference in Vienna, Austri...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.schneier.com\/blog\/archives\/2026\/05\/how-dangerous-is-anthropics-mythos-ai.html\" target=\"_blank\" rel=\"noopener\">How Dangerous Is Anthropic\u2019s Mythos AI?<span><b>14 May 2026, 11:04 am<\/b><br \/>Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not release it to the general public. Instead, it would only be available to a select group of companies to scan and fix their own software.\nThe announcement requires context\u2014but it contained an essential truth.\nWhile Anthropic\u2019s model is really good at finding software vulnerabilities, so are other models. The ...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.schneier.com\/blog\/archives\/2026\/05\/openais-gpt-5-5-is-as-good-as-mythos-at-finding-security-vulnerabilities.html\" target=\"_blank\" rel=\"noopener\">OpenAI\u2019s GPT-5.5 is as Good as Mythos at Finding Security Vulnerabilities<span><b>13 May 2026, 11:03 am<\/b><br \/>The UK\u2019s AI Security Institute evaluated GPT-5.5\u2019s ability to find security vulnerabilities, and found that it is comparable to Claude Mythos. Note that the OpenAI model is generally available.\nHere is the Institute\u2019s evaluation of Mythos.\nAnd here is an analysis of a smaller, cheaper model. It requires more scaffolding from the prompter, but it is also just as good....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.schneier.com\/blog\/archives\/2026\/05\/copy-fail-linux-vulnerability.html\" target=\"_blank\" rel=\"noopener\">Copy.Fail Linux Vulnerability<span><b>12 May 2026, 11:06 am<\/b><br \/>This is the worst Linux vulnerability in years.\nTL;DR\n\ncopy.fail is a Linux kernel local privilege escalation, not a browser or clipboard attack. Disclosed by Theori on 29 April 2026 with a working PoC.\nIt abuses the kernel crypto API (AF_ALG sockets) plus splice() to write four bytes at a time straight into the page cache of a file the attacker does not own.\nThe exploit works unmodified across Ubuntu, RHEL, Debian, SUSE, Amazon Linux, Fedora and most others. No race condition, no per-distro off...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.schneier.com\/blog\/archives\/2026\/05\/llms-and-text-in-text-steganography.html\" target=\"_blank\" rel=\"noopener\">LLMs and Text-in-Text Steganography<span><b>11 May 2026, 11:04 am<\/b><br \/>Turns out that LLMs are really good at hiding text messages in other text messages....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.schneier.com\/blog\/archives\/2026\/05\/friday-squid-blogging-giant-squid-live-in-the-waters-of-western-australia.html\" target=\"_blank\" rel=\"noopener\">Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia<span><b>8 May 2026, 9:03 pm<\/b><br \/>Evidence of them has been found by analyzing DNA in the seawater.\nAs usual, you can also use this squid post to talk about the security stories in the news that I haven\u2019t covered.\nBlog moderation policy....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.schneier.com\/blog\/archives\/2026\/05\/insider-betting-on-polymarket.html\" target=\"_blank\" rel=\"noopener\">Insider Betting on Polymarket<span><b>8 May 2026, 5:49 pm<\/b><br \/>Insider trading is rife on Polymarket:\nAnalysis by the Anti-Corruption Data Collective, a non-profit research and advocacy group, found that long-shot bets\u2014\u00addefined as wagers of $2,500 or more at odds of 35 percent or less\u2014\u00adon the platform had an average win rate of around 52 percent in markets on military and defense actions.\nThat compares with a win rate of 25 percent across all politics-focused markets and just 14 percent for all markets on the platform as a whole.\nIt is absolutely insa...<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Fwww.darkreading.com%2F\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/www.darkreading.com\/\" target=\"_blank\" rel=\"noopener\">darkreading<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/microsoft-exchange-zero-day-no-patch\" target=\"_blank\" rel=\"noopener\">Microsoft Exchange Zero-Day Under Attack, No Patch Available<span><b>18 May 2026, 9:43 pm<\/b><br \/>CVE-2026-42897 stems from a cross-site scripting (XSS) vulnerability and can allow an attacker to compromise Outlook Web Access (OWA) mailboxes....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.darkreading.com\/application-security\/claw-chain-vulnerabilities-threaten-openclaw\" target=\"_blank\" rel=\"noopener\">&#039;Claw Chain&#039; Vulnerabilities Threaten OpenClaw Deployments<span><b>18 May 2026, 9:24 pm<\/b><br \/>The now patched vulnerabilities in the rapidly growing AI agent framework allow attackers to steal credentials, escalate privileges, and maintain persistence....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.darkreading.com\/application-security\/shai-hulud-worm-clones-spread-code-release\" target=\"_blank\" rel=\"noopener\">Shai-Hulud Worm Clones Spread After Code Release<span><b>18 May 2026, 7:53 pm<\/b><br \/>The release of Shai-Hulud source code spells trouble for software developers as researchers worry the self-replicating worm could scale....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.darkreading.com\/cyberattacks-data-breaches\/fuel-tank-breaches-expand-scope-irans-cyber-offensive\" target=\"_blank\" rel=\"noopener\">Fuel Tank Breaches Expand Scope of Iran&#039;s Cyber Offensive<span><b>18 May 2026, 3:41 pm<\/b><br \/>Security experts have long warned that insecure automatic tank gauge (ATG) systems exposed on the Internet can be tampered with by threat actors....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.darkreading.com\/cyber-risk\/ai-code-and-agents-forces-defenders-adapt\" target=\"_blank\" rel=\"noopener\">The Boring Stuff Is Dangerous Now<span><b>18 May 2026, 1:00 pm<\/b><br \/>AI agents capable of discovering and exploiting obscure vulnerabilities are emerging alongside developers producing vast amounts of potentially flawed AI-generated code, forcing defenders to adapt accordingly....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.darkreading.com\/cyber-risk\/broken-dreams-2-decades-cyber-fails\" target=\"_blank\" rel=\"noopener\">Boulevard of Broken Dreams: 2 Decades of Cyber Fails<span><b>18 May 2026, 12:00 pm<\/b><br \/>From the MGM and Caesars fiasco and MOVEit&#039;s patch nightmare to epic business blunders and the jaded reality of living in a post-breach world, Dark Reading looks back at the mistakes, miscalculations, systemic failures, and cringeworthy moments that still have us shaking our heads....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/can-laws-stop-deepfakes-south-korea\" target=\"_blank\" rel=\"noopener\">Can Laws Stop Deepfakes? South Korea Aims to Find Out<span><b>18 May 2026, 1:00 am<\/b><br \/>South Korea&#039;s local elections next month will be a test bed for how effective regulations might be to stymie the flow of deepfakes....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.darkreading.com\/cyberattacks-data-breaches\/congress-instructure-shinyhunters-attacks\" target=\"_blank\" rel=\"noopener\">Congress Puts Heat on Instructure After Canvas Outage<span><b>15 May 2026, 8:19 pm<\/b><br \/>The House Committee on Homeland Security sent a letter about the Canvas cyberattack, the same day that the edtech company said it reached an &quot;agreement&quot; with the ShinyHunters cybercriminals....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.darkreading.com\/cyberattacks-data-breaches\/cybersecurity-pioneers-ponder-past-prologue\" target=\"_blank\" rel=\"noopener\">Cyber Pioneers Ponder Past as Prologue<span><b>15 May 2026, 12:00 pm<\/b><br \/>Robert &quot;RSnake&quot; Hansen, Katie Moussouris, Rich Mogull, Richard Stiennon, and Bruce Schneier reflect on how their favorite columns penned for Dark Reading over the past 20 years have stood the test of time....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.darkreading.com\/ics-ot-security\/taiwan-incident-highlights-cybersecurity-gaps\" target=\"_blank\" rel=\"noopener\">Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems<span><b>15 May 2026, 1:00 am<\/b><br \/>A Taiwanese student experimenting with software-defined radio technology shut down three bullet trains for nearly an hour, leading to an anti-terrorism response....<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Fwww.bleepingcomputer.com%2F\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/www.bleepingcomputer.com\/\" target=\"_blank\" rel=\"noopener\">BleepingComputer<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/interpol-operation-ramz-seizes-53-malware-phishing-servers\/\" target=\"_blank\" rel=\"noopener\">INTERPOL \u2018Operation Ramz\u2019 seizes 53 malware, phishing servers<span><b>18 May 2026, 10:15 pm<\/b><br \/>More than 200 individuals were arrested for cybercrime activities during INTERPOL&#039;s Operation Ramz, which focused on the Middle East and North Africa. [...]...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/shub-macos-infostealer-variant-spoofs-apple-security-updates\/\" target=\"_blank\" rel=\"noopener\">SHub macOS infostealer variant spoofs Apple security updates<span><b>18 May 2026, 9:42 pm<\/b><br \/>A new variant of the &#039;SHub&#039; macOS infostealer uses AppleScript to show a fake security update message and installs a backdoor. [...]...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/5-steps-to-managing-shadow-ai-tools-without-slowing-down-employees\/\" target=\"_blank\" rel=\"noopener\">5 Steps to Managing Shadow AI Tools Without Slowing Down Employees<span><b>18 May 2026, 6:45 pm<\/b><br \/>Many employees already use shadow AI tools at work without security review. Adaptive Security breaks down how teams can build practical AI governance without adding friction for employees. [...]...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/leaked-shai-hulud-malware-fuels-new-npm-infostealer-campaign\/\" target=\"_blank\" rel=\"noopener\">Leaked Shai-Hulud malware fuels new npm infostealer campaign<span><b>18 May 2026, 5:28 pm<\/b><br \/>The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected packages emerged over the weekend. [...]...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/grafana-says-stolen-github-token-let-hackers-steal-codebase\/\" target=\"_blank\" rel=\"noopener\">Grafana says stolen GitHub token let hackers steal codebase<span><b>18 May 2026, 1:46 pm<\/b><br \/>Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. [...]...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/windows-11-finally-gets-a-resizable-taskbar-and-start-menu\/\" target=\"_blank\" rel=\"noopener\">Microsoft testing adjustable taskbar, Start menu in Windows 11<span><b>18 May 2026, 11:14 am<\/b><br \/>Microsoft has finally brought back the resizable taskbar and Start menu to Windows 11 in the latest preview version rolling out to Insiders in the Experimental channel. [...]...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-confirms-kb5089549-windows-11-security-update-install-issues\/\" target=\"_blank\" rel=\"noopener\">Microsoft confirms Windows 11 security update install issues<span><b>18 May 2026, 8:33 am<\/b><br \/>Microsoft has confirmed that the May 2026 Windows 11 security update (KB5089549) fails to install on some systems and triggers 0x800f0922 errors. [...]...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/exploit-available-for-new-dirtydecrypt-linux-root-escalation-flaw\/\" target=\"_blank\" rel=\"noopener\">Exploit available for new DirtyDecrypt Linux root escalation flaw<span><b>18 May 2026, 7:18 am<\/b><br \/>A recently patched local privilege escalation vulnerability in the Linux kernel&#039;s rxgk module now has a proof-of-concept exploit that allows attackers to gain root access on some Linux systems. [...]...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hackers-earn-1-298-250-for-47-zero-days-at-pwn2own-berlin-2026\/\" target=\"_blank\" rel=\"noopener\">Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026<span><b>18 May 2026, 5:33 am<\/b><br \/>The Pwn2Own Berlin 2026 hacking contest has concluded, with security researchers collecting $1,298,250 in rewards after exploiting 47 zero-day flaws. [...]...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/new-windows-miniplasma-zero-day-exploit-gives-system-access-poc-released\/\" target=\"_blank\" rel=\"noopener\">New Windows &#039;MiniPlasma&#039; zero-day exploit gives SYSTEM access, PoC released<span><b>17 May 2026, 10:30 pm<\/b><br \/>A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed &quot;MiniPlasma&quot; that lets attackers gain SYSTEM privileges on fully patched Windows systems.\u00a0 [...]...<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Fthreatpost.com%2F\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/threatpost.com\/\" target=\"_blank\" rel=\"noopener\">Threatpost<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/threatpost.com\/student-loan-breach-exposes-2-5m-records\/180492\/\" target=\"_blank\" rel=\"noopener\">Student Loan Breach Exposes 2.5M Records<span><b>31 August 2022, 12:57 pm<\/b><br \/>2.5 million people were affected, in a breach that could spell more trouble down the line....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/threatpost.com\/watering-hole-attacks-push-scanbox-keylogger\/180490\/\" target=\"_blank\" rel=\"noopener\">Watering Hole Attacks Push ScanBox Keylogger<span><b>30 August 2022, 4:00 pm<\/b><br \/>Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/threatpost.com\/0ktapus-victimize-130-firms\/180487\/\" target=\"_blank\" rel=\"noopener\">Tentacles of \u20180ktapus\u2019 Threat Group Victimize 130 Firms<span><b>29 August 2022, 2:56 pm<\/b><br \/>Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/threatpost.com\/ransomware-attacks-are-on-the-rise\/180481\/\" target=\"_blank\" rel=\"noopener\">Ransomware Attacks are on the Rise<span><b>26 August 2022, 4:44 pm<\/b><br \/>Lockbit is by far this summer\u2019s most prolific ransomware group, trailed by two offshoots of the Conti group....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/threatpost.com\/cybercriminals-are-selling-access-to-chinese-surveillance-cameras\/180478\/\" target=\"_blank\" rel=\"noopener\">Cybercriminals Are Selling Access to Chinese Surveillance Cameras<span><b>25 August 2022, 6:47 pm<\/b><br \/>Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/threatpost.com\/twitter-whistleblower-tldr-version\/180472\/\" target=\"_blank\" rel=\"noopener\">Twitter Whistleblower Complaint: The TL;DR Version<span><b>24 August 2022, 2:17 pm<\/b><br \/>Twitter is blasted for security and privacy lapses by the company\u2019s former head of security who alleges the social media giant\u2019s actions amount to a national security risk....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/threatpost.com\/firewall-bug-under-active-attack-cisa-warning\/180467\/\" target=\"_blank\" rel=\"noopener\">Firewall Bug Under Active Attack Triggers CISA Warning<span><b>23 August 2022, 1:19 pm<\/b><br \/>CISA is warning that Palo Alto Networks\u2019 PAN-OS is under active attack and needs to be patched ASAP....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/threatpost.com\/reservation-links-prey-on-travelers\/180462\/\" target=\"_blank\" rel=\"noopener\">Fake Reservation Links Prey on Weary Travelers<span><b>22 August 2022, 1:59 pm<\/b><br \/>Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/threatpost.com\/iphone-users-urged-to-update-to-patch-2-zero-days-under-attack\/180448\/\" target=\"_blank\" rel=\"noopener\">iPhone Users Urged to Update to Patch 2 Zero-Days<span><b>19 August 2022, 3:25 pm<\/b><br \/>Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/threatpost.com\/google-patches-chromes-fifth-zero-day-of-the-year\/180432\/\" target=\"_blank\" rel=\"noopener\">Google Patches Chrome\u2019s Fifth Zero-Day of the Year<span><b>18 August 2022, 2:31 pm<\/b><br \/>An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack....<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Fwww.securityweek.com%2F\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/www.securityweek.com\/\" target=\"_blank\" rel=\"noopener\">SecurityWeek<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/www.securityweek.com\/millions-impacted-across-several-us-healthcare-data-breaches\/\" target=\"_blank\" rel=\"noopener\">Millions Impacted Across Several US Healthcare Data Breaches<span><b>18 May 2026, 12:58 pm<\/b><br \/>Several healthcare data breaches impacting hundreds of thousands and even millions were added to the HHS tracker.\nThe post Millions Impacted Across Several US Healthcare Data Breaches appeared first on SecurityWeek....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.securityweek.com\/claw-chain-openclaw-flaws-allow-sandbox-escape-backdoor-delivery\/\" target=\"_blank\" rel=\"noopener\">\u2018Claw Chain\u2019 OpenClaw Flaws Allow Sandbox Escape, Backdoor Delivery<span><b>18 May 2026, 12:14 pm<\/b><br \/>Four vulnerabilities in OpenClaw can be chained together to steal credentials, escape the sandbox, and plant persistent backdoors.\nThe post \u2018Claw Chain\u2019 OpenClaw Flaws Allow Sandbox Escape, Backdoor Delivery appeared first on SecurityWeek....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.securityweek.com\/7-eleven-data-breach-confirmed-after-shinyhunters-ransom-demand\/\" target=\"_blank\" rel=\"noopener\">7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand<span><b>18 May 2026, 11:25 am<\/b><br \/>The hackers claimed to have stolen more than 600,000 Salesforce records, including personal information and corporate data.\u00a0\nThe post 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand appeared first on SecurityWeek....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.securityweek.com\/researcher-drops-miniplasma-windows-exploit-for-unpatched-2020-cve\/\" target=\"_blank\" rel=\"noopener\">Researcher Drops MiniPlasma Windows Exploit for Unpatched 2020 CVE<span><b>18 May 2026, 10:38 am<\/b><br \/>The researcher dropped the MiniPlasma exploit that uses the original proof-of-concept (PoC) code targeting the bug.\nThe post Researcher Drops MiniPlasma Windows Exploit for Unpatched 2020 CVE appeared first on SecurityWeek....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.securityweek.com\/first-shai-hulud-worm-clones-emerge\/\" target=\"_blank\" rel=\"noopener\">First Shai-Hulud Worm Clones Emerge<span><b>18 May 2026, 9:45 am<\/b><br \/>At least one threat actor has adopted the recently released malware source code in attacks against NPM developers.\nThe post First Shai-Hulud Worm Clones Emerge appeared first on SecurityWeek....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.securityweek.com\/grafana-confirms-breach-after-hackers-claim-they-stole-data\/\" target=\"_blank\" rel=\"noopener\">Grafana Confirms Breach After Hackers Claim They Stole Data<span><b>18 May 2026, 8:34 am<\/b><br \/>Grafana appears to have been targeted by Coinbase Cartel, a cybercrime group linked to ShinyHunters, Scattered Spider, and Lapsus$.\nThe post Grafana Confirms Breach After Hackers Claim They Stole Data appeared first on SecurityWeek....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.securityweek.com\/exploitation-of-critical-nginx-vulnerability-begins\/\" target=\"_blank\" rel=\"noopener\">Exploitation of Critical NGINX Vulnerability Begins<span><b>18 May 2026, 7:27 am<\/b><br \/>The flaw leads to denial-of-service on default configurations and to remote code execution if ASLR is disabled.\nThe post Exploitation of Critical NGINX Vulnerability Begins appeared first on SecurityWeek....<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.securityweek.com\/hackers-earn-1-3-million-at-pwn2own-berlin-2026\/\" target=\"_blank\" rel=\"noopener\">Hackers Earn $1.3 Million at Pwn2Own Berlin 2026\u00a0<span><b>18 May 2026, 4:05 am<\/b><br \/>Participants demonstrated exploits for Windows, Linux, VMware, Nvidia, and AI products.\nThe post Hackers Earn $1.3 Million at Pwn2Own Berlin 2026\u00a0 appeared first on SecurityWeek....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.securityweek.com\/poc-code-published-for-critical-nginx-vulnerability\/\" target=\"_blank\" rel=\"noopener\">PoC Code Published for Critical NGINX Vulnerability<span><b>16 May 2026, 10:02 am<\/b><br \/>Introduced in 2008, the critical-severity security defect was patched this week in NGINX Plus and NGINX open source.\nThe post PoC Code Published for Critical NGINX Vulnerability appeared first on SecurityWeek....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.securityweek.com\/in-other-news-big-tech-vs-canada-encryption-bill-ciscos-free-ai-security-spec-audi-app-flaws\/\" target=\"_blank\" rel=\"noopener\">In Other News: Big Tech vs Canada Encryption Bill, Cisco\u2019s Free AI Security Spec, Audi App Flaws<span><b>15 May 2026, 2:52 pm<\/b><br \/>Other noteworthy stories that might have slipped under the radar: Nvidia cloud gaming data breach, Android 17 security upgrades, FBI warning after ShinyHunters hacks Canvas.\nThe post In Other News: Big Tech vs Canada Encryption Bill, Cisco\u2019s Free AI Security Spec, Audi App Flaws appeared first on SecurityWeek....<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Fisc.sans.edu%2F\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/isc.sans.edu\/\" target=\"_blank\" rel=\"noopener\">SANS Internet Storm Center, InfoCON: green<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32996\" target=\"_blank\" rel=\"noopener\">ISC Stormcast For Tuesday, May 19th, 2026 https:\/\/isc.sans.edu\/podcastdetail\/9936, (Tue, May 19th)<span><b>19 May 2026, 2:00 am<\/b><br \/>...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32994\" target=\"_blank\" rel=\"noopener\">TeamPCP Supply Chain Campaign: Activity Through 2026-05-17, (Mon, May 18th)<span><b>18 May 2026, 8:08 pm<\/b><br \/>Since the last update, the TeamPCP supply chain campaign produced its loudest stretch since the March Trivy disclosure: an officially confirmed Checkmarx Jenkins plugin compromise and a new self-spreading Mini Shai-Hulud worm across npm and PyPI.\r...<\/span><\/a> <img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/thelinuxreport.com\/linux\/wp-content\/plugins\/newspage\/images\/new.png?ssl=1\" alt=\"New!\" title=\"This was posted within the last 24 hours.\" style=\"vertical-align:middle;\"><\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32986\" target=\"_blank\" rel=\"noopener\">&amp;#x5b;Guest Diary&amp;#x5d;  New Malware Libraries means New Signatures, (Fri, May 15th)<span><b>15 May 2026, 6:38 am<\/b><br \/>...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32992\" target=\"_blank\" rel=\"noopener\">ISC Stormcast For Friday, May 15th, 2026 https:\/\/isc.sans.edu\/podcastdetail\/9934, (Fri, May 15th)<span><b>15 May 2026, 4:10 am<\/b><br \/>...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32990\" target=\"_blank\" rel=\"noopener\">Simple bypass of the link preview function in Outlook Junk folder, (Thu, May 14th)<span><b>14 May 2026, 6:08 am<\/b><br \/>Besides serving as a place where Microsoft Outlook places suspected spam, the Outlook Junk folder has one additional function that can be quite helpful when it comes to identifying malicious messages. Any e-mail placed in this folder is stripped of all formatting, and destinations of all links included in the message become visible to the user, as you can see in the following images which show the same e-mail when it is placed in the inbox, and when it is placed in the Junk folder.\r...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32988\" target=\"_blank\" rel=\"noopener\">ISC Stormcast For Thursday, May 14th, 2026 https:\/\/isc.sans.edu\/podcastdetail\/9932, (Thu, May 14th)<span><b>14 May 2026, 4:20 am<\/b><br \/>...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32958\" target=\"_blank\" rel=\"noopener\">&amp;#x5b;GUEST DIARY&amp;#x5d; Tearing apart website fraud to see how it works., (Wed, May 13th)<span><b>13 May 2026, 6:29 am<\/b><br \/>&amp;#;x26;#;x5b;This is a Guest Diary by Joshua Nikolson, an ISC Intern and part of the SANS.edu Bachelor&amp;#;x26;#;39;s degree in Applied Cybersecurity (BACS) program.]\r...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32984\" target=\"_blank\" rel=\"noopener\">ISC Stormcast For Wednesday, May 13th, 2026 https:\/\/isc.sans.edu\/podcastdetail\/9930, (Wed, May 13th)<span><b>13 May 2026, 3:05 am<\/b><br \/>...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32982\" target=\"_blank\" rel=\"noopener\">Proxying the Unproxyable&amp;#x3f; Sending EXE traffic to a Proxy, (Wed, May 13th)<span><b>13 May 2026, 1:20 am<\/b><br \/>.. if \u00e2\u0080\u009cunproxyable\u00e2\u0080\u009d is a word that is ..\r...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32980\" target=\"_blank\" rel=\"noopener\">Microsoft May 2026 Patch Tuesday, (Tue, May 12th)<span><b>12 May 2026, 6:29 pm<\/b><br \/>Today&amp;#;x26;#;39;s Microsoft patch Tuesday fixes 137 different vulnerabilities. In addition, the update addresses 137 Chromium-related issues affecting Microsoft Edge.\r...<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fblog\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/www.sophos.com\/en-us\/blog\" target=\"_blank\" rel=\"noopener\">Sophos Blogs<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/www.sophos.com\/en-us\/blog\/why-amos-matters-the-macos-malware-stealing-data-at-scale\" target=\"_blank\" rel=\"noopener\">Why AMOS matters: The macOS malware stealing data at scale<span><b>14 May 2026, 12:00 am<\/b><br \/>Sophos X-Ops looks at the Atomic macOS Stealer and its capabilitiesCategories: Threat ResearchTags: MacOS, AMOS, infostealer...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.sophos.com\/blog\/may-patch-tuesday-hauls-out-132-cves\" target=\"_blank\" rel=\"noopener\">May\u2019s Patch Tuesday hauls out 132 CVEs<span><b>13 May 2026, 9:12 pm<\/b><br \/>...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.sophos.com\/en-us\/blog\/may-patch-tuesday-hauls-out-132-cves\" target=\"_blank\" rel=\"noopener\">May\u2019s Patch Tuesday hauls out 132 CVEs<span><b>13 May 2026, 12:00 am<\/b><br \/>With advisories, this month\u2019s count approaches 300 \u2013 though many are already in placeCategories: Threat Research, X-opsTags: Patch Tuesday, MICROSOFT PATCH TUESDAY...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.sophos.com\/blog\/inside-the-lethal-trifecta-blast-radius-reduction-in-ai-agent-deployments\" target=\"_blank\" rel=\"noopener\">Inside the lethal trifecta: Blast radius reduction in AI agent deployments<span><b>12 May 2026, 8:51 pm<\/b><br \/>...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.sophos.com\/en-us\/blog\/sophos-supply-chain-attack\" target=\"_blank\" rel=\"noopener\">Sophos Endpoint in action: Blocking a novel supply chain attack<span><b>12 May 2026, 12:00 am<\/b><br \/>How the unique anti-exploitation capabilities included with Sophos Endpoint blocked a supply chain attack.Categories: Products &amp; ServicesTags: Endpoint, Sophos Endpoint, Exploits...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.sophos.com\/en-us\/blog\/sophos-state-of-identity-security-2026\" target=\"_blank\" rel=\"noopener\">The State of Identity Security 2026: Identity is the new perimeter<span><b>12 May 2026, 12:00 am<\/b><br \/>Discover the causes and consequences of identity threats based on a survey of 5,000 organizations across 17 countries.Categories: Products &amp; ServicesTags: identity, Identity Security, Ransomware...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.sophos.com\/en-us\/blog\/inside-the-lethal-trifecta-blast-radius-reduction-in-ai-agent-deployments\" target=\"_blank\" rel=\"noopener\">Operating inside the lethal trifecta: Blast radius reduction in AI agent deployments<span><b>12 May 2026, 12:00 am<\/b><br \/>Seven things security teams can start doing today to reduce riskCategories: Threat ResearchTags: AI, CISO, risk...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.sophos.com\/blog\/sophos-state-of-identity-security-2026\" target=\"_blank\" rel=\"noopener\">Sophos State of Identity Security 2026<span><b>11 May 2026, 8:20 pm<\/b><br \/>...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.sophos.com\/blog\/why-amos-matters-the-macos-malware-stealing-data-at-scale\" target=\"_blank\" rel=\"noopener\">Why AMOS matters: The macOS malware stealing data at scale<span><b>11 May 2026, 2:56 pm<\/b><br \/>...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/www.sophos.com\/en-us\/blog\/sophos-ransomware-ai\" target=\"_blank\" rel=\"noopener\">Ransomware: AI changes the writer. It doesn&#039;t change the math.<span><b>11 May 2026, 12:00 am<\/b><br \/>Why most endpoint protection still treats ransomware as just another piece of malware, and what changes when you watch the data instead of the attacker.Categories: Products &amp; ServicesTags: Ransomware, Endpoint, Sophos Endpoint, EDR, AI, artificial intelligence...<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Fwpscan.com%2F\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/wpscan.com\/\" target=\"_blank\" rel=\"noopener\">WPScan<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/wpscan.com\/blog\/unauthorized-plugin-installation-activation-in-hunk-companion\/\" target=\"_blank\" rel=\"noopener\">Unauthorized Plugin Installation\/Activation\u00a0in Hunk Companion<span><b>10 December 2024, 9:03 pm<\/b><br \/>This report highlights a vulnerability in the Hunk Companion plugin &lt; 1.9.0 that allows unauthenticated POST requests to install and activate plugins directly from the WordPress.org\u00a0repository. This flaw poses a significant security risk, as it enables attackers to install vulnerable or closed plugins, which can then be exploited for attacks such as Remote Code Execution [\u2026]...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/wpscan.com\/blog\/identifying-traffic-from-shell-finder-bots\/\" target=\"_blank\" rel=\"noopener\">Identifying Traffic from Shell Finder Bots<span><b>1 November 2024, 11:04 pm<\/b><br \/>A shell finder is a type of reconnaissance tool that is used by threat actors to identify websites that have already been compromised and contain backdoor\u00a0shells. A backdoor shell is a form of malware that is added by a threat actor after gaining unauthorized access to a website. The purpose of a backdoor shell is [\u2026]...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/wpscan.com\/blog\/unpatched-vulnerability-in-ti-woocommerce-wishlist-plugin\/\" target=\"_blank\" rel=\"noopener\">Unpatched Vulnerability in TI WooCommerce Wishlist Plugin<span><b>9 September 2024, 5:45 pm<\/b><br \/>A Few weeks ago an Sql Injection was discovered in the TI WooCommerce Wishlist plugin. After checking closer we found another entry point, affecting over 100,000 active installs. Despite the severity of this issue, the vendor have not yet provided a patch, leading to public disclosure. The vulnerability can be exploited by unauthenticated users, allowing [\u2026]...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/wpscan.com\/blog\/unauthenticated-privilege-escalation-in-profile-builder-plugin\/\" target=\"_blank\" rel=\"noopener\">Unauthenticated Privilege Escalation in Profile-Builder plugin<span><b>15 July 2024, 4:29 pm<\/b><br \/>During a routine audit of various WordPress plugins, we identified some issues in Profile Builder and Profile Builder Pro (50k+ active installs). We discovered an Unauthenticated Privilege Escalation Vulnerability which could allow attackers to gain administrative access without having any kind of account on the targeted site and perform unauthorized\u00a0actions. This vulnerability was fixed on [\u2026]...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/wpscan.com\/blog\/object-injection-vulnerability-fixed-in-seopress-7-9\/\" target=\"_blank\" rel=\"noopener\">Object Injection vulnerability fixed in SEOPress 7.9<span><b>24 June 2024, 2:00 pm<\/b><br \/>During a routine audit of various WordPress plugins, we identified a few issues in SEOPress (300k+ active installs). More specifically, we discovered an authentication bug which could allow attackers to access certain protected REST API routes without having any kind of account on the targeted\u00a0site. Digging deeper into what an attacker could do with this [\u2026]...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/wpscan.com\/blog\/website-security-tools\/\" target=\"_blank\" rel=\"noopener\">10 of the Best Website Security Tools to Stay Ahead of Hackers<span><b>5 June 2024, 1:00 pm<\/b><br \/>Which website security tools are really necessary for your site? What to consider before investing in new software. 10 must-have tools you can\u2019t skip....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/wpscan.com\/blog\/vulnerability-scanners\/\" target=\"_blank\" rel=\"noopener\">The 10 Best Vulnerability Scanners for Effective Web Security<span><b>16 May 2024, 1:00 pm<\/b><br \/>7 factors for choosing the best vulnerability scanner. Top options compared on features, pros, cons, &amp; pricing. 5 things that make a great scanner...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/wpscan.com\/blog\/a-persistent-twist-in-the-current-malware-campaign\/\" target=\"_blank\" rel=\"noopener\">A persistent twist in the current Malware Campaign<span><b>13 May 2024, 7:12 pm<\/b><br \/>Recently while covering malware campaigns exploiting the LiteCache and WP\u2011Automatic WordPress plugins, we found that attackers were installing php\u2011everywhere, a plugin that allows users to run arbitrary PHP code in their site\u2019s posts. This plugin was closed on April 25th per its author\u2019s\u00a0request. The reasoning behind this installation was to have persistent malware on the [\u2026]...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/wpscan.com\/blog\/surge-of-javascript-malware-in-sites-with-vulnerable-versions-of-litespeed-cache-plugin\/\" target=\"_blank\" rel=\"noopener\">Surge of JavaScript Malware in sites with vulnerable versions of LiteSpeed Cache Plugin<span><b>3 May 2024, 3:01 pm<\/b><br \/>If you\u2019ve recently encountered the admin user wpsupp\u2011user on your website, it means it\u2019s being affected by this wave of\u00a0infections. Identifying Contamination\u00a0Signs: The malware typically injects code into critical WordPress files, often manifesting as\u00a0: Or in the database, when the vulnerable version of LiteSpeed Cache is exploited\u00a0: decoded version: Cleanup Procedures Identifying Malicious URLs and\u00a0IPs [\u2026]...<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/wpscan.com\/blog\/new-malware-campaign-targets-wp-automatic-plugin\/\" target=\"_blank\" rel=\"noopener\">New Malware Campaign Targets WP-Automatic Plugin<span><b>24 April 2024, 7:27 pm<\/b><br \/>A few weeks ago a critical vulnerability was discovered in the plugin WP\u2011Automatic. This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as attackers can exploit it to gain unauthorized access to websites, create admin\u2011level user accounts, upload malicious files, and potentially take full control of affected\u00a0sites. The Vulnerability The vulnerability lies in [\u2026]...<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<div class=\"feed\"><div class=\"feedtitle\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.google.com\/s2\/favicons?domain=https%3A%2F%2Flinuxsecurity.com%2F\" width=\"16\" height=\"16\" style=\"vertical-align:middle;\"\/> <a href=\"https:\/\/linuxsecurity.com\/\" target=\"_blank\" rel=\"noopener\">LinuxSecurity - Security Articles<\/a><\/div>\n<ul>\n<li class=\"feeditem\"><a href=\"https:\/\/linuxsecurity.com\/howtos\/learn-tips-and-tricks\/github-actions-runner-security-linux\" target=\"_blank\" rel=\"noopener\">GitHub Actions Linux Self-Hosted Runners Security Risks 2025-30066<span><b>15 May 2026, 5:59 pm<\/b><br \/>Self-hosted GitHub Actions runners give organizations far more flexibility than standard cloud-hosted runners. Teams can integrate internal infrastructure directly into CI\/CD workflows, automate Kubernetes deployments, run custom tooling, and manage Linux-based build environments without relying entirely on external infrastructure....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/linuxsecurity.com\/features\/linux-container-visibility-blind-spots\" target=\"_blank\" rel=\"noopener\">Linux Security Monitoring Challenges and EDR Visibility Gaps<span><b>14 May 2026, 11:51 am<\/b><br \/>An attacker compromises a Linux container, launches a cryptominer, sets up a way to stay in the system through a background task, and disappears before the investigation even begins. By the time analysts start looking at the logs, the workload has shut down, and the container no longer exists....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/linuxsecurity.com\/features\/fragnesia-linux-privilege-escalation\" target=\"_blank\" rel=\"noopener\">Linux Kernel Fragnesia Critical Privilege Escalation CVE-2026-46300<span><b>14 May 2026, 11:32 am<\/b><br \/>Linux administrators are once again dealing with a familiar problem: a local Linux foothold that can potentially become full root access....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/linuxsecurity.com\/features\/rubygems-attack-linux-supply-chain-risk\" target=\"_blank\" rel=\"noopener\">RubyGems Attack Highlights Open Source Supply Chain Risks for Linux Teams<span><b>14 May 2026, 8:02 am<\/b><br \/>RubyGems temporarily suspended new account registrations this week after threat actors pushed hundreds of malicious packages into the Ruby package ecosystem. At first glance, that may sound like a Ruby-specific problem. It is not....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/linuxsecurity.com\/features\/supply-chain-attacks-ci-cd-security\" target=\"_blank\" rel=\"noopener\">Why CI\/CD Pipelines Became Targets in Software Supply Chain Attacks<span><b>14 May 2026, 8:01 am<\/b><br \/>For years, software security discussions centered on vulnerable code. A bug inside an application could expose a workstation, production server, or cloud workload, so most supply chain conversations focused on malicious packages, outdated dependencies, and exploitable libraries buried somewhere inside the stack. That is no longer the main problem....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/linuxsecurity.com\/features\/red-hat-krb5-security-update\" target=\"_blank\" rel=\"noopener\">Why Red Hat\u2019s krb5 Update Matters for Linux and Windows Authentication\u00a0<span><b>14 May 2026, 7:40 am<\/b><br \/>Red Hat released an Important krb5 security update for Red Hat Enterprise Linux 8 this week, addressing two vulnerabilities tracked as CVE-2026-40355 and CVE-2026-40356. On paper, it looks like another Linux package advisory....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/linuxsecurity.com\/news\/server-security\/secure-remote-access-linux-servers\" target=\"_blank\" rel=\"noopener\">Securing Remote Access to Linux Servers: Best Practices for 2026<span><b>13 May 2026, 9:11 am<\/b><br \/>Linux runs the internet. More than 96% of the world\u2019s top one million web servers operate on Linux-based systems. That makes every linux server a target by default. Attackers do not go where defenses are strongest; they go where the infrastructure is exposed....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/linuxsecurity.com\/features\/runtime-monitoring-ebpf-linux-security\" target=\"_blank\" rel=\"noopener\">Why Runtime Monitoring Is Replacing Traditional Linux Logging<span><b>12 May 2026, 2:18 pm<\/b><br \/>The problem is not necessarily a lack of security tools. Modern Linux infrastructure changes so quickly that maintaining consistent visibility has become one of the hardest operational problems in cloud security....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/linuxsecurity.com\/features\/debian-reproducible-builds\" target=\"_blank\" rel=\"noopener\">Debian 14 Makes Reproducible Builds Mandatory for Linux Packages<span><b>12 May 2026, 1:57 pm<\/b><br \/>Debian 14 \u201cForky\u201d will begin blocking packages that fail reproducibility checks, marking a major shift in how Linux distributions verify software integrity....<\/span><\/a> <\/li>\n<li class=\"feeditem\"><a href=\"https:\/\/linuxsecurity.com\/features\/why-linux-servers-get-hacked\" target=\"_blank\" rel=\"noopener\">Why Linux Servers Get Hacked More Often Than People Think<span><b>11 May 2026, 2:07 pm<\/b><br \/>Linux runs a massive part of the internet. Cloud platforms, databases, containers, web hosting, APIs, and internal business infrastructure all depend heavily on Linux systems. Most people interact with Linux-backed services every day without realizing it.\u00a0That popularity also makes Linux server security a constant concern....<\/span><\/a> <\/li>\n<\/ul>\n<\/div>\n<\/div><!-- END of newsPage output --><\/p>\n<div style=\"text-align:center; padding: 20px 0; border-top: 1px solid #444; margin-top: 20px;\">\n<a href=\"#top\" style=\"margin: 0 15px;\">Top<\/a> | <a href=\"\/linux\/\" style=\"margin: 0 15px;\">&laquo; Linux News<\/a>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Top | &laquo; Linux News<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-298","page","type-page","status-publish","hentry"],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/PaDc2i-4O","jetpack_likes_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/thelinuxreport.com\/linux\/index.php?rest_route=\/wp\/v2\/pages\/298","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/thelinuxreport.com\/linux\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/thelinuxreport.com\/linux\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/thelinuxreport.com\/linux\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/thelinuxreport.com\/linux\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=298"}],"version-history":[{"count":2,"href":"https:\/\/thelinuxreport.com\/linux\/index.php?rest_route=\/wp\/v2\/pages\/298\/revisions"}],"predecessor-version":[{"id":303,"href":"https:\/\/thelinuxreport.com\/linux\/index.php?rest_route=\/wp\/v2\/pages\/298\/revisions\/303"}],"wp:attachment":[{"href":"https:\/\/thelinuxreport.com\/linux\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=298"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}