Security Trends 
fedora security assessment
fedora security assessment A Fedora contributor account recently came under scrutiny for apparently AI-generated activity that disrupted the project's bug tracker. . Questionable Bugzilla comments, flawed patches, and improperly closed or reassigned bugs forced maintainers to spend time cleaning up the fallout. There is no evidence that malware was deployed or a backdoor reached production, but the incident exposed a different problem. Open-source projects can be disrupted without compromising a single line of code....
Jun 12, 2026 
Security Vulnerabilities security advisory critical
security advisory critical Attackers are actively exploiting a high-severity vulnerability in Langflow , an open-source platform used to build and run AI workflows. . The flaw turns a file upload into a filesystem write, allowing a user-controlled file to escape the application's intended upload directory and land in locations Langflow was never supposed to touch. The vulnerable upload endpoint permits path traversal through crafted filenames. From there, the impact depends heavily on how the platform is deployed. A...
Jun 11, 2026 
Vendors/Productssecurity advisory linux
security advisory linux With npm v12 , dependency preinstall, install, and postinstall scripts will no longer execute automatically during package installation. Script execution will require explicit approval through new controls such as npm approve-scripts, with the change expected to arrive in July 2026. . The announcement targets a part of the software supply chain that has repeatedly appeared in package registry abuse, credential theft, and CI/CD compromise investigations. A single npm install could trigger code...
Jun 11, 2026 
Security Vulnerabilities security advisory zero-day
security advisory zero-day CISA added CVE-2026-11645 to its Known Exploited Vulnerabilities catalog after Google confirmed active exploitation of the flaw. The bug sits in V8, the JavaScript engine behind Chrome and Chromium. . That's where this gets more interesting. Most coverage will focus on Chrome because that's where the patch landed. But the affected component is V8. Chromium relies on it. Electron relies on it. Plenty of desktop software Linux users interact with every day relies on it too, often without much...
Jun 10, 2026 
Network Securitysecurity advisory networking
security advisory networking For years, IPv4 was the only proxy type that really mattered for anyone running automation off a Linux box. IPv6 was the protocol everyone said they’d migrate to, but almost nobody actually did. In 2026, that’s finally starting to shift. . The problem is that most admins stick with IPv4 out of habit. They know it; it’s what their tooling defaults to, and they don’t see a reason to change. Some are overpaying for addresses they don’t need. Others would quietly break their scrapers, scripts, or...
Jun 09, 2026 
Refine news
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -3 articles for you...
81
security advisorycyber threatonline bankingHSBC: Key Logger Risks Impacting Online Banking Transactions
Where does your bank's responsibility to protect you and your online transactions end? Apparently the HSBC bank of Great Britain knew for 2 years that they had a vulnerability and did nothing about it. There are very few details about the vulnerability, but one thing is known -- an attacker would already have to have a key logger on the customer's system to take advantage of the vulnerability. Maybe I'm being naive, but if an attacker has a key logger on the system, I figure your online banking credentials being stolen is just the start of your worries. . The vulnerability HSBC has is apparently extremely difficult to actually take advantage of, a factor HSBC took into account when they decided to live with it because other concerns were more pressing. As security professionals, we should understand this balancing act, even if we don't always agree with the decisions that are reached. The cost to fix the issue was considered to by management to exceed the probability of an exploit multiplied by the possible cost of paying for any such breaches. Pretty standard business reasoning. . The exposure of Barclays raises significant threats to digital payments due to rising spyware allegations.. Banking Security, Key Logger Risks, Online Transaction Safety, Cyber Threat Protection. . LinuxSecurity.com Team
Aug 11, 2006 •
Privacy 82
law enforcementprivacy rightsgovernment oversightFBI’s Surveillance Technology: Scarfo Case Raises Privacy Issues
Disclosing material about the "key logger system" the FBI installed on the computer of Nicodemo S. Scarfo Jr. would hurt ongoing investigations of foreign intelligence agents and endanger the lives of U.S. agents, according to court documents filed by the government. . . . . Disclosing material about the "key logger system" the FBI installed on the computer of Nicodemo S. Scarfo Jr. would hurt ongoing investigations of foreign intelligence agents and endanger the lives of U.S. agents, according to court documents filed by the government. The Justice Department claims the system must remain secret to keep hostile intelligence officers from employing "counter-surveillance tactics to thwart law enforcement." The case is being watched by privacy experts concerned over the government use of spy technology. Lawyers for Scarfo, the son of a jailed mob boss, say they need the information to determine if the intrusion violated his constitutional rights. If it did, none of the evidence from the computer could be used at his trial. The link for this article located at USAToday is no longer available. . Disclosing material about the 'key logger system' the FBI installed on the computer of Nicodemo S. S. disclosing, material, about, logger, system', installed, computer, nicodemo. . Anthony Pell
Aug 08, 2001 • Government 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More