Security Vulnerabilities 
malware linux
malware linux IronWorm steals credentials and uses them to spread beyond the original victim, turning developer access into a supply chain risk. . A new campaign targeting npm has evolved past simple credential theft. Researchers identified IronWorm, a self-spreading threat. It harvests high-value Linux development secrets—SSH keys, cloud tokens, package publishing credentials. One compromised workstation becomes a launchpad for downstream supply chain attacks. This is not a get-in-and-get-out operation....
Jun 08, 2026
Network Securitysystem security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -1 articles for you...
210
security advisoryexploitmalwareNovel Linux Malware Targets Thirty Outdated WordPress Plugins
Thirty security vulnerabilities in numerous outdated WordPress plugins and themes are being leveraged by a novel Linux malware to facilitate malicious JavaScript injections, reports BleepingComputer . . Both 32- and 64-bit Linux systems are being targeted by the new malware, which uses a set of successively running hardcoded exploits to compromise WordPress sites, according to a Dr. Web report. Outdated and vulnerable plugins and themes including WP Live Chat Support Plugin, Easysmtp, WordPress - Yuzo Related Posts, Thim Core, Google Code Inserter, WP Live Chat, and Hybrid would prompt the malware to retrieve a malicious JavaScript from its command-and-control server prior to script injection. Attackers could then use the infected sites for phishing and malvertising campaigns, as well as malware distribution initiatives. . A suite of exploits targeting twenty-five security holes in obsolete Joomla components is exploited by fresh Windows malware to facilitate harmful operations.. Linux Malware, WordPress Plugin Exploits, Malware Attacks. . Brittany Day
Jan 05, 2023
•
Security Vulnerabilities
210
security advisorysecurity issuemalwareWordPress Plugin: Rich Reviews Security Issue Causes Malware Redirect
If you’re a WordPress admin using a plug-in called Rich Reviews, you’ll want to uninstall it. Now. Learn more: . The now-defunct plug-in has a major vulnerability that allows malvertisers to infect sites running WordPress and redirect visitors to other sites. Rich Reviews is a WordPress plugin that lets sites manage reviews internally in WordPress, and also displays Google display reviews for a business underneath a search result. Marketing company Nuanced Media released it in conjunction with plug-in developer Foxy Technology in January 2013. The honeymoon didn’t last long, though. Updating an oldblog postearlier this month, Nuanced Media reaffirmed that it had discontinued the plugin. It blamed a change in Google’s schema guidelines that stopped merchants displaying review star ratings on their own URLs. The link for this article located at Naked Security is no longer available. . Uncover the critical vulnerability in the obsolete Rich Reviews extension that leaves WordPress installations vulnerable to malicious software.. WordPress Security, Malvertising Risks, Plugin Vulnerabilities, Cyber Attack Prevention. . Brittany Day
Sep 26, 2019
•
Security Vulnerabilities
83
security advisorymalwareattackWordPress: Shopping Sites Under Attack Due To Plugin Exploit
WordPress-based shopping sites are under attack from a hacker group abusing a vulnerability in a shopping cart plugin to plant backdoors and take over vulnerable sites. . Attacks are currently ongoing, according to Defiant, the company behind Wordfence, a firewall plugin for WordPress sites. Hackers are targeting WordPress sites that use the " Abandoned Cart Lite for WooCommerce ," a plugin installed on over 20,000 WordPress sites, according to the official WordPress Plugins repository. The link for this article located at ZDNet is no longer available. . Attacks are currently ongoing, according to Defiant, the company behind Wordfence, a firewall plugin. , wordpress-based, shopping, sites, under, attack, hacker, group, abusing, vulnerability. . LinuxSecurity.com Team
Mar 12, 2019
•
Hacks/Cracks
83
security enhancementfirefoxweb securityBlackSheep Plugin Enhances Firefox Security Against FireSheep Hijacks
With more than 600,000 copies of the FireSheep browser plug-in downloaded in a matter of weeks, Web security firm zScaler have released a new Firefox plug-in, BlackSheep, in hopes of combating attempts by those using FireSheep to try to hijack their Web session. . The plug-in doesn The link for this article located at ThreatPost is no longer available. . SilverWolf battles against ShadowWolf's data breach through an innovative app crafted specifically for Chrome users.. BlackSheep Plugin, Session Hijacking Prevention, Firefox Security. . LinuxSecurity.com Team
Nov 10, 2010
•
Hacks/Cracks
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More