NEW: Critical RCE flaw (CVE-2019-3462) found in #Linux apt/apt-get, which could allow remote MiTM hackers to trick systems into installing altered or malicious packages as #root
https://thehackernews.com/2019/01/linux-apt-http-hacking.html
Exploitation of such a flaw could have been mitigated if APT was using HTTPS
New high severity "RunC" vulnerability (CVE-2019-5736) lets attackers escape #Linux container to gain root access on host machine.
Affected Systems/Services: Docker, Kubernetes, Debian, Red Hat, Ubuntu, Google Cloud, Amazon AWS and more.
https://thehackernews.com/2019/02/linux-container-runc-docker.html
Researchers from University of Minnesota apologized to #Linux Kernel Project maintainers for intentionally introducing insecure code, which led to the school being banned from further contributing to the open-source project.
Read: https://thehackernews.com/2021/04/minnesota-university-apologizes-for.html
Researchers have gained insight into a group of Romanian cybercriminals who have been identified carrying out cryptojacking attacks on #Linux machines with weak passwords.
Read: https://thehackernews.com/2021/07/researchers-warn-of-linux-cryptojacking.html
Microsoft warns of a notorious cross-platform crypto-mining malware that has refined and improved its techniques to attack Windows and #Linux operating systems.
Read details: https://thehackernews.com/2021/07/microsoft-warns-of-lemonduck-malware.html
IMPORTANT: Google has issued an emergency update (version 95.0.4638.69) for Chrome web browser for Windows, Mac, and #Linux users to patch two zero-day vulnerabilities that are being actively exploited in the wild.
https://thehackernews.com/2021/10/google-releases-urgent-chrome-update-to.html
Beware of ShellBot malware! Weak SSH credentials on #Linux servers are being exploited in a new campaign. ShellBot can perform DDoS attacks & exfiltrate data.
Learn more: https://thehackernews.com/2023/03/new-shellbot-ddos-malware-targeting.html
New Linux vulnerability (CVE-2023-4911) named Looney Tunables found in the GNU C library's dynamic loader. Exploitation could lead to root privileges.
Learn how it affects major #Linux distributions: https://thehackernews.com/2023/10/looney-tunables-new-linux-flaw-enables.html
New #Linux Kernel Exploitation Technique Unveiled: SLUBStick
This technique could elevate limited heap vulnerabilities to arbitrary memory read-and-write capabilities, threatening system security.
Researchers have shown SLUBStick can successfully bypass defenses like KASLR with a 99% success rate.
Read: https://thehackernews.com/2024/08/new-linux-kernel-exploit-technique.html
A new #ransomware variant, Cicada3301, is making headlines for its advanced tactics and SMB focus. Cicada3301 not only targets Windows and #Linux/ESXi systems but also embeds compromised user credentials for further exploitation.
https://thehackernews.com/2024/09/new-rust-based-ransomware-cicada3301.html
Earth Lusca's KTLVdoor malware targets Windows & #Linux, enabling file manipulation and remote scanning via 50+ command-and-control servers, likely shared with other threat actors.
Learn more: https://thehackernews.com/2024/09/new-cross-platform-malware-ktlvdoor.html
Google has just launched a Password Manager PIN feature that allows users to sync passkeys seamlessly across Windows, macOS, #Linux, ChromeOS, and Android.
Learn more: https://thehackernews.com/2024/09/chrome-users-can-now-sync-passkeys.html
Developers, beware! Poisoned Python packages are being used by North Korean attackers to spread PondRAT malware, compromising both #Linux and macOS systems.
Learn more: https://thehackernews.com/2024/09/new-pondrat-malware-hidden-in-python.html
A new variant of the Helldown ransomware is now targeting #Linux and virtualized infrastructures via VMware, broadening its attack surface to industries like #healthcare, manufacturing, and IT services.
With evolving tactics, this marks a major shift in ransomware strategies, now focusing on virtual machines and cloud-based infrastructures.
Learn how Helldown is evolving: https://thehackernews.com/2024/11/new-helldown-ransomware-expands-attacks.html
New China-linked APT Gelsemium targets #Linux: The notorious group has launched a new Linux backdoor, WolfsBane, alongside another malware tool called FireWood, raising cybersecurity alarms.
WolfsBane and FireWood are targeting East & Southeast Asia, exploiting unknown vulnerabilities to steal sensitive data.
Read: https://thehackernews.com/2024/11/chinese-apt-gelsemium-targets-linux.html
New Malware Alert: PUMAKIT, a #Linux rootkit, employs advanced stealth tactics to evade detection and escalate privileges.
It's not just hiding files; it's altering core system behavior while remaining invisible to system tools.
Learn how PUMAKIT operates: https://thehackernews.com/2024/12/new-linux-rootkit-pumakit-uses-advanced.html