Security Vulnerabilities 
malware linux
malware linux IronWorm steals credentials and uses them to spread beyond the original victim, turning developer access into a supply chain risk. . A new campaign targeting npm has evolved past simple credential theft. Researchers identified IronWorm, a self-spreading threat. It harvests high-value Linux development secrets—SSH keys, cloud tokens, package publishing credentials. One compromised workstation becomes a launchpad for downstream supply chain attacks. This is not a get-in-and-get-out operation....
Jun 08, 2026
Network Securitysystem security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 1 articles for you...
82
data privacystate agencyChinaChina's Updated Cybersecurity Law Empowers State Agencies with Pen Testing
New provisions made to China's Cybersecurity Law last November gives state agencies the legal authority to remotely conduct penetration testing on any internet-related business operating in China, and even copy and later share any data government officials find on inspected systems. . The link for this article located at ZDNet is no longer available. . The link for this article located at ZDNet is no longer available. . provisions, china's, cybersecurity, november, gives, state, agencies, legal, author. . Dave Wreski
Feb 11, 2019
•
Government
81
legal controversydigital rightshacking caseInternet Outcry: Matthew Keys Convicted Under Computer Fraud Act
The Computer Fraud and Abuse Act, the law that . Prosecutors recently used the law to convict journalist Matthew Keys on felony hacking charges, drawing rounds of condemnation on the web. Edward Snowden, for one, derided the harsh penalty Keys now faces . Authorities employed the Cybercrime Statute to find reporter Matthew Keys guilty, igniting online fury and discussions.. Hacking Cases,Cybersecurity Law,Matthew Keys,Digital Rights,Legal Controversy. . LinuxSecurity.com Team
Mar 14, 2017
•
Privacy
82
security researchlegal frameworklegal implicationsCriticism of German Antihacker Law Encouraging Caution Among Researchers
Because you make pens, pencils, or any other sharp objects that are capable of stabbing and killing, you are liable for producing weapons. This is the logic I see behind the German Anti-Hacker law which states that offenders are defined as any individual or group that intentionally creates, spreads or purchases hacker tools designed for illegal purposes. These laws are based off of a "judgement call" and can only hinder the process of security researchers in their perpetual quest of closing zero-day vulnerabilities. How do you feel about laws like this being passed? . The link for this article located at Network World is no longer available. . The article on the German Anti-Hacker Law raises concerns about implications for security research and hacker tool regulation.. German Antihacker Law, Security Research, Cybersecurity Implications. . Brittany Day
Aug 14, 2007
•
Government
82
data breachcorporate securitygovernment securityCalifornia Law Mandates Data Breach Disclosure For Security Awareness
California law now demands that the public be informed when government or corporate databases are breached. It's about time. In April, 2002, hackers broke into the payroll database for the state of California. For more than a month, cybercriminals rooted around in the personal information of 265,000 Golden State employees, ranging from Governor Gray Davis to maintenance workers and clerks. . .. California law now demands that the public be informed when government or corporate databases are breached. It's about time. In April, 2002, hackers broke into the payroll database for the state of California. For more than a month, cybercriminals rooted around in the personal information of 265,000 Golden State employees, ranging from Governor Gray Davis to maintenance workers and clerks . Worse, the California Controller's Office, which ran the database, failed to notify state employees for more than two weeks after the breach was discovered. Although officials with the Controller's office insisted the break-in probably hadn't resulted in any significant harm, the incident enraged Golden State pols and employees, whose Social Security numbers, bank account information, and home addresses were fair game for the hackers. This lapse sparked what may mark a dramatic shift in legal policy toward cybersecurity. Over strenuous objections from the business lobby, on Sept. 26 California enacted a sweeping measure that mandates public disclosure of computer-security breaches in which confidential information may have been compromised. The law covers not just state agencies but private enterprises doing business in California. Come July 1, 2003, those who fail to disclose that a breach has occurred could be liable for civil damages or face class actions. The link for this article located at SecurityFocus is no longer available. . California law now demands that the public be informed when government or corporate databases are br. california, demands, public, informed, government, corporate, databases. . Anthony Pell
Nov 11, 2002
•
Government
81
data interceptionprivacy concernsISP regulationsUK ISPs Face Data Interception Requirement Amid Legislative Concerns
From 1 August, ISPs in the UK will be required to be able to intercept your data. Yet the Home Office has failed to explain how they will be reimbursed. And the rules mean that criminals will easily be able to . . . . From 1 August, ISPs in the UK will be required to be able to intercept your data. Yet the Home Office has failed to explain how they will be reimbursed. And the rules mean that criminals will easily be able to avoid interception ISPs across the UK will have to start intercepting and storing electronic communications including emails, faxes and Web surfing data from 1 August, but there still appear to be glaring loopholes in the legislation. The link for this article located at ZDNet.co.uk is no longer available. . From 1 August, ISPs in the UK will be required to be able to intercept your data. Yet the Home Offic. august, required, intercept, offic. . LinuxSecurity.com Team
Jul 10, 2002
•
Privacy
82
hacking incidentcriminal prosecutionlegal caseSklyarov Case Highlights DMCA Cybersecurity Legal Issues
Sklyarov, 27, had been charged in the first criminal prosecution under the 1998 Digital Millennium Copyright Act, and was arrested after speaking at the DefCon hacking convention in Las Vegas on July 16. All charges have now been dropped, according to a spokesperson for Sklyarov. . . .. Sklyarov, 27, had been charged in the first criminal prosecution under the 1998 Digital Millennium Copyright Act, and was arrested after speaking at the DefCon hacking convention in Las Vegas on July 16. All charges have now been dropped, according to a spokesperson for Sklyarov. "So the eBook processor is legal in (Russia). Also, what many do not mention is that the eBook processor only works with legally purchased eBooks. You need to have the serial number of the book, which you get on purchasing it, in order to use the processor." The link for this article located at Wired is no longer available. . Lawsuits against the developers dismissed, marking a pivotal moment in the enforcement of digital copyright laws.. Cybersecurity Law, Sklyarov Case, DMCA Prosecution. . Anthony Pell
Dec 13, 2001
•
Government
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More