Security Trends 
fedora security assessment
fedora security assessment A Fedora contributor account recently came under scrutiny for apparently AI-generated activity that disrupted the project's bug tracker. . Questionable Bugzilla comments, flawed patches, and improperly closed or reassigned bugs forced maintainers to spend time cleaning up the fallout. There is no evidence that malware was deployed or a backdoor reached production, but the incident exposed a different problem. Open-source projects can be disrupted without compromising a single line of code....
Jun 12, 2026 
Security Vulnerabilities security advisory critical
security advisory critical Attackers are actively exploiting a high-severity vulnerability in Langflow , an open-source platform used to build and run AI workflows. . The flaw turns a file upload into a filesystem write, allowing a user-controlled file to escape the application's intended upload directory and land in locations Langflow was never supposed to touch. The vulnerable upload endpoint permits path traversal through crafted filenames. From there, the impact depends heavily on how the platform is deployed. A...
Jun 11, 2026 
Vendors/Productssecurity advisory linux
security advisory linux With npm v12 , dependency preinstall, install, and postinstall scripts will no longer execute automatically during package installation. Script execution will require explicit approval through new controls such as npm approve-scripts, with the change expected to arrive in July 2026. . The announcement targets a part of the software supply chain that has repeatedly appeared in package registry abuse, credential theft, and CI/CD compromise investigations. A single npm install could trigger code...
Jun 11, 2026 
Security Vulnerabilities security advisory zero-day
security advisory zero-day CISA added CVE-2026-11645 to its Known Exploited Vulnerabilities catalog after Google confirmed active exploitation of the flaw. The bug sits in V8, the JavaScript engine behind Chrome and Chromium. . That's where this gets more interesting. Most coverage will focus on Chrome because that's where the patch landed. But the affected component is V8. Chromium relies on it. Electron relies on it. Plenty of desktop software Linux users interact with every day relies on it too, often without much...
Jun 10, 2026 
Network Securitysecurity advisory networking
security advisory networking For years, IPv4 was the only proxy type that really mattered for anyone running automation off a Linux box. IPv6 was the protocol everyone said they’d migrate to, but almost nobody actually did. In 2026, that’s finally starting to shift. . The problem is that most admins stick with IPv4 out of habit. They know it; it’s what their tooling defaults to, and they don’t see a reason to change. Some are overpaying for addresses they don’t need. Others would quietly break their scrapers, scripts, or...
Jun 09, 2026 
Refine news
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -3 articles for you...
83
malwarebandwidth theftcyber threatAVrecon Remote Access Trojan Stealthily Infects 70,000 SOHO Routers
A stealthy Linux malware called AVrecon has been infecting over 70,000 small office/home office (SOHO) routers, creating a botnet primarily aimed at stealing bandwidth and operating as a hidden residential proxy service. . This malicious activity enables various criminal actions, including digital advertising fraud and password spraying. Despite its large scale, AVrecon has managed to evade detection since May 2021, making it one of the most significant botnets targeting SOHO routers to date. AVrecon, identified as a remote access trojan (RAT), successfully compromised over 70,000 Linux-based SOHO routers. However, the malware managed to bypass security detection for more than two years. At that time, it managed to infect only 40,000 devices into the botnet. According to The Hacker News, the threat actors behind AVrecon likely focused on exploiting vulnerabilities in SOHO devices that users were less likely to patch against common vulnerabilities and exposures (CVEs). This approach allowed the botnet to operate stealthily without causing noticeable disruptions or bandwidth loss for infected device owners. . AVrecon malware has infiltrated over 70,000 SOHO routers, enabling electronic deception and hidden activities. Discover the impacts of this security breach.. Linux Malware,Botnet Analysis,SOHO Router Threats,AVrecon Malware,Cybersecurity Risks. . LinuxSecurity.com Team
Jul 17, 2023 •
Hacks/Cracks 74
mac protocolwifi securitynetwork managementManaging MAC Protocols for Effective Wi-Fi Bandwidth Protection
By altering the Multiple Access Control (MAC) protocol, one of the series of protocols that govern how bandwidth is distributed between multiple users of the same wi-fi access point by randomly assigning each hotspot user a rate for data transfer, it is possible to siphon off most or all of the bandwidth. . . .. By altering the Multiple Access Control (MAC) protocol, one of the series of protocols that govern how bandwidth is distributed between multiple users of the same wi-fi access point by randomly assigning each hotspot user a rate for data transfer, it is possible to siphon off most or all of the bandwidth. That is what inspired Imad Aad and his colleagues, of the Ecole Polytechnique Federale de Lausanne (EPFL) - the Federal Institute of Technology in Lausanne, Switzerland - to devise a counter-measure. Within a third of a second, Aad told a conference this week, wi-fi operators using a tool called DOMINO could detect if someone is doing this by monitoring the rate of data flow in the MAC layer. The tool can be set to raise an alarm when one user is receiving data at an abnormally high speed compared to other users. The link for this article located at Sys-Con is no longer available. . Enhancing the Media Access Control (MAC) protocol can effectively combat Wi-Fi bandwidth theft by employing encryption, dynamic MAC addresses, and real-time monitoring. Wi-Fi Security, MAC Protection, Bandwidth Management. . Anthony Pell
Jun 10, 2004 • Network Security 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More