Security Vulnerabilities 
malware linux
malware linux IronWorm steals credentials and uses them to spread beyond the original victim, turning developer access into a supply chain risk. . A new campaign targeting npm has evolved past simple credential theft. Researchers identified IronWorm, a self-spreading threat. It harvests high-value Linux development secrets—SSH keys, cloud tokens, package publishing credentials. One compromised workstation becomes a launchpad for downstream supply chain attacks. This is not a get-in-and-get-out operation....
Jun 08, 2026
Network Securitysystem security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -1 articles for you...
83
security advisorydata breachonline transactionsPlayStation Network Security Incident: Developer Insights on Consumer Trust
With the details of 77 million customers involved, the PlayStation Network hack is one of the largest ever malicious attacks on a commercial network. Although Sony is assuring gamers that the network is being strengthened, the hack has once again raised questions about the security of online transactions.. Amid the firestorm, industry reactions were mixed with many developers expressing frustration at the attack and its possible consequences, rather than anger at Sony. Ste Curran, creative director at the Brighton-based studio Zoe Mode, told Develop Magazine: "From my perspective, the bigger issue is not about PSN, but confidence in digital distribution generally. For every story like this that breaks in the mainstream press, consumer confidence about their details being safe is eroded. Confidence [in online transactions] has been building up, and I think will continue to, but this is a blip. It could be a little step back." The link for this article located at The Guardian is no longer available. . The recent hack of the Xbox Live service led to significant concerns regarding the security of digital purchases and reactions from software creators. Discover additional details.. PlayStation Network, Data Breach, Developer Response, Online Security. . LinuxSecurity.com Team
Apr 29, 2011
•
Hacks/Cracks
83
data transmissionsecurity protocoldeveloper responseComprehending Extended HTML Form Attacks Alongside Their Responses
"HTML forms (i.e. form) are one of the features in HTTP that allows users to send data to HTTP servers. An often overlooked feature is that due to the nature of HTTP, the web browser has no way of identifying between an HTTP server and one that is not an HTTP server. Therefore web browsers may send this data to any open port, regardless of whether the open port belongs to an HTTP server or not. Apart from that, many web browsers will simply render any data that is returned from the server. Have you ever heard about the extended HTML form attack? What can web developer do? This article looks into this attack and how attackers can use it.. . 'HTML forms (i.e. form) are one of the features in HTTP that allows users to send data to HTTP serve. 'html, forms, form), features, allows, users, serve. . LinuxSecurity.com Team
Jun 20, 2008
•
Hacks/Cracks
83
incident reportcybersecuritysecurity breachSourceForge Compromise Requires Prompt Password Changes From Developers
The servers of open source development site SourceForge have been compromised. Active subscribers to the site, which is owned by VA Linux, received the following terse message from its administrators. "This week, one of our systems was compromised. We have promptly . . . . The servers of open source development site SourceForge have been compromised. Active subscribers to the site, which is owned by VA Linux, received the following terse message from its administrators. "This week, one of our systems was compromised. We have promptly taken the necessary steps to correct this situation," the message said. "You have been contacted, because according to our log files, you have used SourceForge during the past week and may have used the system that was compromised." SourceForge has asked developers who used the system during the period when it was compromised to change the password but has supplied little in the way of further information on the attack. No information on the crack has been posted on SourceForge's Web site, and news of the security breach was only brought to light after a story was posted to Slashdot. The link for this article located at The Register is no longer available. . GitHub encountered a data leak endangering user accounts, prompting all members to update their passwords for enhanced protection.. SourceForge Breach, Cybersecurity Threats, Open Source Development. . LinuxSecurity.com Team
May 29, 2001
•
Hacks/Cracks
74
local exploitopenbsdsecurity concernsOpenBSD Local Root Exploit Discussion Following Bugtraq Announcement
Last week several vulnerabilities with OpenBSD were announced on the full disclosure list Bugtraq. That a hole was found and exploited is not an amazing thing. The amazing and impressive thing is how long OpenBSD had gone without a local root . . . . Last week several vulnerabilities with OpenBSD were announced on the full disclosure list Bugtraq. That a hole was found and exploited is not an amazing thing. The amazing and impressive thing is how long OpenBSD had gone without a local root exploit. There was a reaction to the announcements by the OpenBSD developer team about the exploits that surprised me. The reaction was to imply that the developers had been hiding the truth about the exploits so as to not tarnish the reputation of OpenBSD. Just in case you think that I am a militant OpenBSD user defending the true faith, let me explain that I am a Linux user. I have played with OpenBSD and will most likely play with it again. I am not however, what you could call a member of the OpenBSD community. As I said I am a Linux user. I have been impressed with the work the OpenBSD team has done in proactivly finding bugs and the results they have gotten from this approach. I think that there is room in the world for Linux, *BSD, and even the commercial Unix variants. It is my belief there are advantages to having choices and using different approaches to solve common problems. The link for this article located at RootPrompt.org is no longer available. . Multiple security flaws disclosed in FreeBSD; feedback from maintainers sparks questions regarding openness.. OpenBSD Exploits, Bugtraq Issues, OpenBSD Reactions. . Anthony Pell
Oct 09, 2000
•
Network Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More