Security Vulnerabilities 
malware linux
malware linux IronWorm steals credentials and uses them to spread beyond the original victim, turning developer access into a supply chain risk. . A new campaign targeting npm has evolved past simple credential theft. Researchers identified IronWorm, a self-spreading threat. It harvests high-value Linux development secrets—SSH keys, cloud tokens, package publishing credentials. One compromised workstation becomes a launchpad for downstream supply chain attacks. This is not a get-in-and-get-out operation....
Jun 08, 2026
Network Securitysystem security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -1 articles for you...
76
data breachincident reportcybersecurityBlack Hat 2015: OPM Data Breach Overview and Impact on Security
Black Hat 2015 is underway, and the corporate side of hacking has taken center stage. There are plenty of hot topics this year, but the mess at the OPM is something that is still generating buzz months after the fact. . Last month, House Oversight Committee Chairman Jason Chaffetz disclosed that in addition to the 4.2 million records that were previously reported compromised in June, OPM discovered a second incident during that investigation that impacted 21.5 million people, and 19.5 million of them had applied for security clearance. The link for this article located at CSO Online is no longer available. . In light of the recent revelation regarding 21.5 million stolen records from OPM, there has been a considerable amount of discourse.. Black Hat 2015,Cybersecurity Innovations,OPM Data Breach Impact. . Dave Wreski
Aug 05, 2015
•
Organizations/Events
82
smart cardgovernment programmanagement supportOvercoming Cultural Barriers to Achieve Smart Card Success in Governance
The technology exists to create a governmentwide smart card program, but cultural issues and a lack of top-level management support stand in the way of implementation, experts testified today. A single government smart card is possible, but managerial and policy . . . . The technology exists to create a governmentwide smart card program, but cultural issues and a lack of top-level management support stand in the way of implementation, experts testified today. A single government smart card is possible, but managerial and policy differences create difficulties, said Joel Willemssen, managing director of information technology issues at the General Accounting Office. "It would probably be very difficult to standardize it from a management and policy perspective," Willemssen testified today at a hearing of the House Government Reform subcommittee on technology, information policy, intergovernmental relations and the census. Agencies have different security clearances and access controls. GAO identified 62 smart card initiatives in varying stages at 18 agencies, Willemssen said. One of the next steps, he said, is establishing a governmentwide employee credentialing policy to streamline employee clearances. The link for this article located at FCW is no longer available. . The rollout of a thorough smart card program within government entities encounters challenges due to cultural resistance and lack of leadership support, hindering progress.. Government Smart Card, Management Support, Security Issues, Credentialing Policy, Cultural Barriers. . Anthony Pell
Sep 11, 2003
•
Government
82
government accountabilityHomeland Securitysecurity clearanceCongress Examines Diploma Fraud Claims Against Homeland Security Official
Following news reports that a senior official at the Homeland Security Department appears to have obtained her academic degrees from an unaccredited diploma mill, several members of Congress are seeking to learn how background checks and security clearances failed to flag . . . . Following news reports that a senior official at the Homeland Security Department appears to have obtained her academic degrees from an unaccredited diploma mill, several members of Congress are seeking to learn how background checks and security clearances failed to flag the questionable credentials. Rep. Carolyn Maloney, D-N.Y., chairwoman of the Democratic Caucus' Homeland Security task force, sent a letter June 4 to HSD secretary Tom Ridge asking for a full investigation. "What is troubling to me is that a senior official in the Department of Homeland Security in the office of the CIO would have a questionable degree in computer information systems from a university that has been denied accreditation by the U.S. Department of Education," Maloney's letter read. "If this press report is true, how could one of the highest senior officials in your Department make it through a background check while allegedly misleading the Department about her educational background?" The link for this article located at SecurityProtocals.com is no longer available. . Questions emerge regarding the qualifications of a key Homeland Security figure, particularly concerning their unverified academic credentials and the thoroughness of background evaluations.. Homeland Security Degrees, Diploma Mill Degrees, Background Check Issues, Credential Concerns. . Anthony Pell
Jun 14, 2003
•
Government
81
security upgradesecurity clearancesurveillance facilityPine Gap Facility Security Upgrade Prompts Industrial Dispute
An industrial dispute is brewing at the top secret Pine Gap surveillance facility over a security upgrade at the Northern Territory base. An Australian electrician has refused to undergo a high-level security check at the joint United States-Australian facility, in . . . . An industrial dispute is brewing at the top secret Pine Gap surveillance facility over a security upgrade at the Northern Territory base. An Australian electrician has refused to undergo a high-level security check at the joint United States-Australian facility, in a case that could challenge a foreign government's right to demand such checks, a union official said. The matter is listed for hearing in the Australian Industrial Relations Commission in Sydney. Electrical Trades Union national secretary Peter Tighe said the dispute involved a maintenance electrician employed by Boeing Constructors Incorporated - which is contracted to provide maintenance at Pine Gap, near Alice Springs. The man, who has not been named, had worked at the facility for almost 10 years, but did not want to go through the "rigorous" process to be upgraded to Top Secret, Positive Vetting (TSPV) level, he said. The link for this article located at NZoom is no longer available. . An industrial dispute is brewing at the top secret Pine Gap surveillance facility over a security up. industrial, dispute, brewing, secret, surveillance, facility, security. . LinuxSecurity.com Team
May 28, 2003
•
Privacy
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More