Security Vulnerabilities 
malware linux
malware linux IronWorm steals credentials and uses them to spread beyond the original victim, turning developer access into a supply chain risk. . A new campaign targeting npm has evolved past simple credential theft. Researchers identified IronWorm, a self-spreading threat. It harvests high-value Linux development secrets—SSH keys, cloud tokens, package publishing credentials. One compromised workstation becomes a launchpad for downstream supply chain attacks. This is not a get-in-and-get-out operation....
Jun 08, 2026
Network Securitysystem security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -1 articles for you...
82
security reportnational cybersecuritygovernment programActive Cyber Defence: Improving UK National Cybersecurity Efforts
The UK government’s highly successful Active Cyber Defence (ACD) program should be rolled out across other sectors to improve national cybersecurity, and could even be spurred by the government naming and shaming laggards, according to a new report. . The Cyber Security Research Group at King’s College London (KCL) argued that the ACD has done well in reducing low-level cybercrime against government services. The link for this article located at InfoSecurity is no longer available. . The Cyber Security Research Group at King’s College London (KCL) highlighted the success of ACD in reducing cybercrime.. Active Cyber Defence, National Cybersecurity, Government Initiative. . Brittany Day
Jan 22, 2019
•
Government
82
public sectorcontract scrutinycybersecurity chiefCybersecurity Chief Purdy Resigns Following Contract Scrutiny
The Bush administration's cybersecurity chief, who worked under an unusual agreement with a private university that does extensive business with the office he manages, is leaving his job. Donald ``Andy'' Purdy Jr. will step down as acting director of the National Cyber Security Division, part of the Department of Homeland Security. A government spokesman, Jarrod Agen, declined to comment on Purdy's plans, but colleagues circulated an invitation to his farewell party next week. Purdy worked at Homeland Security under a two-year contract with Carnegie Mellon University that expires Oct. 3. Under the contract, the government paid Purdy $245,481 in salary and benefits each year, not including travel reimbursements; Carnegie Mellon paid him an additional $43,320 a year. . His contract drew congressional scrutiny after The Associated Press reported in June that Purdy's cybersecurity division has paid Carnegie Mellon $19 million in contracts this year, almost one-fifth the unit's total budget. Purdy, who controlled a budget of about $107 million and as many as 44 full-time federal employees, said at the time he was not involved in discussions over his own office's business deals with the school. The link for this article located at siliconvalley.com is no longer available. . Purdy’s cybersecurity branch encountered intense examination regarding its multi-million dollar contracts as he steps down; insights into his peculiar arrangement.. Cybersecurity Division, National Cyber Security, Public Sector Leadership. . Brittany Day
Sep 27, 2006
•
Government
82
national cybersecuritycybersecurity divisionDHS engagementDHS National Cyber Security Division: Enhancing Engagement in Cybersecurity
A principal adviser to the new head of the Department of Homeland Security's National Cyber Security Division (NCSD) has reiterated that the division and its industry outreach program remain key players at the DHS and that it has a direct line . . . . A principal adviser to the new head of the Department of Homeland Security's National Cyber Security Division (NCSD) has reiterated that the division and its industry outreach program remain key players at the DHS and that it has a direct line to senior officials, including Secretary of Homeland Security Tom Ridge and President Bush. Speaking here at the Digital Security Conference, Sallie McDonald, the DHS's senior executive responsible for outreach and awareness efforts, said yesterday that the NCSD "is properly placed within the department" and has been described by Ridge as part of the "heartbeat of the agency." The conference was sponsored by Washtenaw Community College and the Walsh College Information Assurance Center. The link for this article located at ComputerWorld is no longer available. . A principal consultant emphasizes the pivotal importance of the DHS National Cyber Security Division in transforming the cybersecurity environment.. National Cyber Security,Cyber Division,Industry Outreach,Cybersecurity Landscape,DHS Engagement. . Anthony Pell
Oct 03, 2003
•
Government
82
security frameworkinfrastructure protectioncybersecurity strategyPCIPB Strategy Draft for National Cybersecurity Enhancement
The President's Critical Infrastructure Protection Board (PCIPB) has issued a draft plan for upgrading security protections for the nation's cyberspace infrastructure. The strategy emphasizes that protection of the nation's information technology infrastructure is not a job that government can do alone, . . . . The President's Critical Infrastructure Protection Board (PCIPB) has issued a draft plan for upgrading security protections for the nation's cyberspace infrastructure. The strategy emphasizes that protection of the nation's information technology infrastructure is not a job that government can do alone, but one that requires the cooperation of home computer users, business users, and state and local governments. The link for this article located at Access Control and Security Systems is no longer available. . The National Cyber Defense Committee has proposed a strategy to bolster digital security throughout the country.. Cybersecurity Strategy, National Cybersecurity Initiative, IT Security Framework. . Anthony Pell
Oct 31, 2002
•
Government
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More