Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Ahead With Linux Security News

Filter%20icon Refine news
X Clear Filters
X Clear Filters
View More
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security news

We found 259 articles for you...
78

GStreamer 1.26.3 Important Update: H.266 Vulnerability Fixes and Upgrades

If you’ve ever set up or maintained a multimedia pipeline on Linux, you already know the stakes. Your system needs to decode, encode, stream, and sync diverse media formats flawlessly, often under significant workload. GStreamer has been the workhorse of open-source multimedia for years, but it’s not unbreakable. That’s why version 1.26.3 matters. . It’s not just a routine release; it’s a critical moment to reevaluate your pipeline’s security and efficiency. Whether you’re handling real-time video conferencing, media archiving, or accessibility tools, this version tightens the bolts where vulnerabilities existed and introduces practical features that are worth your time. Let’s get into the specifics. Security Fixes That Can’t Wait Right off the bat: if your workflow touches H.266 video files , stop what you’re doing and make plans to patch. GStreamer 1.26.3 fixes what can only be described as a gaping hole in the H.266 parser. Before this release, parsing maliciously-crafted H.266 streams could expose your system to exploits—a chilling thought for anyone managing production assets. This isn’t theoretical; media parsers are notorious for being targeted due to their complexity and the sheer variety of inputs they deal with. This fix alone is enough to warrant the upgrade. There’s also a quieter, but no less important, effort to shore up security in how subtitles are parsed. It’s a reminder that even those seemingly mundane .srt or .ass files hold the potential for destructive payloads. If you’re a Linux admin overseeing systems handling media ingest, staying one step ahead of these risks is just part of the job. Version 1.26.3 is a step in the right direction. Features That Actually Change the Game This release isn’t just about plugging security gaps; it brings new tools to the table as well. And let’s be clear—these aren’t throwaway “nice-to-haves.” They’re features with real-world applications, especially if you’re managingperformance-critical setups. Take the new speech synthesis element, built on the ElevenLabs API. It’s modern, streamlined, and finally opens GStreamer to workflows requiring text-to-speech conversion. Think accessibility enhancements, dynamic audio generation for automated platforms, or specialized educational tools. If these sound niche, consider how industries are leaning hard into voice-enriched UIs and the demand for real-time voice generation at scale. This is GStreamer acknowledging that those tools matter, and it’s making the integration painless. Another standout addition: thread-sharing 1:N inter-source and sink elements. For those running complex multimedia pipelines—think workloads with heavy concurrent input/output—you’re going to want to give this one a close look. It’s designed to let multiple sources share threads more efficiently. What does that mean in practice? Fewer headaches managing system resources and noticeably smoother performance under load. If you’ve got a multimedia server churning through simultaneous video streams, these optimizations could be your unsung hero. Fixes That Stabilize the Foundation Sure, incremental fixes don’t grab headlines. But when they directly address things like runaway memory consumption or codec misbehavior, they’re not to be overlooked. Version 1.26.3 includes a grab bag of improvements targeted at stability and reliability. The MP4 muxer has received some overdue polish, solving issues with memory overhead, GOP structuring, and large file creation. For admins stuck debugging files that don’t play nicely with downstream apps, this is a welcome fix. WebRTC improvements are another highlight, with updates to LiveKit and WHIP signaling, enhancing reliability for real-time communication (RTC) systems. Whether it’s video calls or live media streaming, those small fixes amplify usability across the board. RTP and H.265 pipelines also see targeted updates. Depayloader tweaks and congestion handling improvements tighten upstreaming scenarios, ensuring fewer disruptions. And for anyone building long-term solutions on GStreamer, these fixes add up. They further cement its reputation as a framework designed to handle multimedia pipelines without collapsing under the weight of complexity. What Should Linux Admins Be Doing Next? If you’re running GStreamer in any form—be it for a home-brew media server or a massive production environment—the risks of not upgrading outweigh the effort. Security alone justifies the jump to 1.26.3. But even if you’ve got your threat vectors under control, the performance enhancements and new features should have your attention. The logical first step is obvious: upgrade to 1.26.3. But don’t stop there. Start auditing how your applications interact with GStreamer pipelines. Do you have dependencies that could benefit from the ElevenLabs integration? Are you managing high-workload cases where thread-sharing inter elements might give you better throughput? These aren’t rhetorical questions—they’re exactly the kind of assessments that keep a multimedia infrastructure running smoothly. This might also be a good time to revisit your overarching roadmap for multimedia tech. GStreamer 1.28 is on the horizon. Staying up to date at each minor release ensures you’re never scrambling to overhaul dependencies after a long period of neglect. And let’s not forget, robust pipelines don’t just optimize performance—they mitigate risks. Our Final Thoughts on the GStreamer 1.26.3 Release GStreamer 1.26.3 is the release you skip at your peril. Between critical security fixes, forward-thinking features, and tightened stability, it’s clear the developers are focused on solving real problems media admins face every day. Look, I get it—upgrading isn’t always convenient, especially in tightly controlled environments. But the risks of staying behind—whether it’s exposure to exploits or inefficiencies that creep up as your workloads grow—aren’t something you can affordto ignore. For Linux admins and infosec professionals, this version represents more than just another step forward. It’s a chance to strengthen your systems today—and lay the groundwork for tomorrow. Don’t wait too long on this one. Build, test, audit, and deploy the upgrade. You’ll thank yourself when the workload spikes—or the logs catch something your old version never would have seen coming. . Significant improvements in GStreamer 1.26.3 address a critical H.266 vulnerability while expanding media handling capabilities.. GStreamer Security, H.266 Parser Fix, Multimedia Pipeline, Open Source Security, Performance Enhancement. . Brittany Day

Calendar%202 Jun 28, 2025 User Avatar Brittany Day Vendors/Products
210

Linux: Firefox 138 Critical Security Update 2025:0034-1

With all the browser options available to Linux users, Mozilla Firefox continues to stand out in its dedication to security and privacy. Its latest release, Firefox 138 , focuses again on fortifying users' safety against mounting cyber threats. . This update offers crucial improvements and bug fixes worth taking advantage of, especially for us admins responsible for ensuring secure and dependable browsing experiences across our organizations' infrastructure. Let's examine the critical security flaws fixed in Firefox 138, the exciting new security and usability features introduced in this release, and the tools and resources added to support better web development. We'll also share tips for ensuring a seamless transition to Firefox 138 so you can get started without hesitation or disruption to your workflow. Understanding the Importance of Firefox Updates Updating software regularly is basic cyber hygiene . Yet, when it comes to web browsers constantly exposed to the internet's many threats, this practice is an absolute necessity. With Firefox 138, Mozilla demonstrates a proactive approach to patching vulnerabilities that, if left unaddressed, could be exploited by malicious actors to gain unauthorized access to systems, steal sensitive data, or perform other nefarious activities. Let's dive into this update's core components to help you understand what it means for us Linux users and how we can transition to this more secure version. Security Fixes: What’s Been Patched and Why It Matters In this release, Mozilla has resolved several high-severity vulnerabilities that had been a cause of concern for developers and users alike. These include memory safety bugs and critical vulnerabilities affecting components like WebGL, audio context, and browser UI elements like the address bar and popup windows. Leaving these vulnerabilities unpatched could have profound implications. Memory safety bugs, for example, can result in unexpected crashes or even allow attackers to executearbitrary code on the user’s machine. This could lead to unauthorized data extraction, installation of malware, or infrastructure-wide sabotage if the system is part of a network. Mozilla's diligent response in addressing these vulnerabilities helps to reduce the attack surface significantly, reminding us of the importance of immediately adopting this new version. Improving User Security: New Features and Improvements Beyond patching existing vulnerabilities , Firefox 138 introduces several new features to improve user security and privacy. One notable advancement is the enhanced support for the Clear-Site-Data header, which allows users to seamlessly clear the network cache upon logout. This functionality mitigates risks associated with session hijacking and other privacy breaches that could result from data remnants left behind after online activities. Additionally, autofill and address handling have substantially improved, especially in managing forms with dynamic fields. This is particularly beneficial for users handling sensitive information such as payment details or personal information, assuring them that their data is better protected against unauthorized access. Improving functionality for web developers also simplifies incorporating secure practices into their applications. A new addition is import attributes, which allow developers to pass metadata when importing modules, providing them with greater control and security over the modules their applications use. Usability Features Tailored for Diverse Workflows While security remains the primary focus, Firefox 138 also introduces enhancements that directly affect user efficiency and productivity. The new tab group management feature allows users to organize tabs into groups and reposition them along the tab bar. Such capabilities are especially useful in enterprise settings, where efficiently managing large numbers of tabs and tasks can directly correlate with productivity. Another subtle yet impactful update is the ability tocopy links from background tabs through the tab context menu. This change simplifies workflows and facilitates seamless navigation, particularly in research-heavy environments. Firefox 138 will progressively roll out features like weather-related suggestions and profile management enhancements for some users. These features represent Mozilla’s ongoing commitment to personalized and intuitive user experiences. While adopters might not see these changes immediately, it is crucial to stay informed and ready to take advantage of these functionalities as they become available . Developer Insights: Tools and Resources for Better Web Development Linux administrators who oversee the development and deployment of web-based applications will find some updates in Firefox 138 particularly beneficial. For instance, the Import Maps integrity field lets developers verify the integrity of JavaScript modules during imports, strengthening application security by ensuring that modules have not been tampered with. Extended support for Error.captureStackTrace also streamlines debugging across different browsers. The improvements in the network panel display, offering full request paths, provide developers with more clarity and control during troubleshooting, ultimately making the environment more robust against potential vulnerabilities or misconfigurations. Seamlessly Transitioning to Firefox 138 Deploying Firefox 138 is straightforward for Linux administrators ready to harness these enhancements. Depending on the environment, various methods are available to update or install this version, including using package managers, downloading directly from Mozilla, and using Snap or Flatpak packages. Updating through your distribution’s package manager usually ensures that you maintain integration with your system's broader package update routines. However, if you need immediate access to the latest version, consider downloading from Mozilla's FTP server . Alternatively, Snap and Flatpak offer universalpackage management solutions that ensure Firefox stays updated with less direct input from the user. Our Final Thoughts on the Significance of the Firefox 138 Release Maintaining secure systems and applications may seem elusive, but updating web browsers with security patches provides one effective preventative strategy to address potential security breaches. From managing individual Linux workstations to overseeing an expansive enterprise network, upgrading to Firefox 138 is essential to protecting digital assets and personal information. Staying abreast of software updates in today's cyberthreat-filled environment is more than an IT best practice; it's vital for your organization's defenses. Thanks to Mozilla Firefox 138 for Linux, admins can feel safe knowing they have a browser that prioritizes security and usability. This gives us peace of mind, preparing us for today's challenges while creating a safer web browsing experience. . Mozilla Firefox 138 brings significant updates addressing critical issues, enhancing both security and user experience for Linux users.. Firefox Update, Linux Browser Security, Software Patch, User Experience Improvements. . Brittany Day

Calendar%202 May 08, 2025 User Avatar Brittany Day Security Vulnerabilities
78

Nvidia: Critical Security Advisory on Driver Flaws: DoS, Data Tampering

Nvidia's recent announcement regarding multiple significant vulnerabilities in their GPU display drivers and VGPU software has presented admins relying on these drivers with significant security challenges. Mid-January updates revealed seven distinct security flaws that may compromise system security and stability for those using this hardware. . Two high-severity issues pose extreme threats ranging from data tampering, denial of service attacks, information disclosure, or code execution if left unaddressed. To help you understand and mitigate these flaws, we'll explore these bugs in more depth and share proactive strategies for securing your Linux environment. Understanding These Nvidia GPU Driver Vulnerabilities Nvidia's January updates addressed seven vulnerabilities in their GPU display driver and VGPU software, with two being critical vulnerabilities affecting access to filesystem resources and memory leakage. While some vulnerabilities pose less risk than others, leading to scenarios like unauthorized file access or memory leaks, more serious ones present the opportunity for denial of service attacks, data tampering, or complete system compromise through code execution. CVE-2024-0149 and CVE-2024-0146 are of particular concern to Linux administrators. CVE-2024-0149 allows unauthorized file access on Linux drivers, potentially leading to leakage of sensitive information. In contrast, CVE-2024-0146 can lead to denial of service attacks, data tampering, information disclosure, and code execution attacks against VGPU software. Given their ability to severely disrupt operations while jeopardizing data integrity, these vulnerabilities must be considered top priorities by admins. Updating Your Drivers: The First Line of Defense One key way for us Linux admins to protect against vulnerabilities is to update all Nvidia drivers to the most recent versions. Nvidia has released new versions, including 553.62 and 539.19, that contain patches for these security flaws. Running outdateddrivers exposes your systems to potential exploits. To check your current driver version, use the nvidia-smi command. This utility provides all necessary details about your Nvidia drivers - including their version. Once identified, compare this version against Nvidia's recommended safe versions. If your version is outdated, download and install the latest drivers from their official site. Maintaining system security demands that regular updates be enabled wherever possible or even automatically updated where applicable. By adhering to a set schedule or activating automatic updates where feasible, you can ensure your drivers remain up-to-date and shield against newly discovered vulnerabilities as soon as patches become available. Monitoring and Incident Response At the same time as proactive updates, regularly monitoring your systems is vital. Implementing reliable monitoring tools can detect unusual activity that may indicate an exploitation attempt, such as unexpected spikes in resource consumption, attempts at unauthorized entry, or unusual system behavior. By recognizing anomalies early, you can either prevent potential breaches from happening altogether or minimize their impact. It is also vital to have an effective incident response plan. This should outline what steps should be taken in case of an actual or suspected security breach, so review and practice it regularly with your team so it remains ready. Quick response time can significantly mitigate damage caused by exploits while helping you quickly return to normal operations. The Importance of Backups Never underestimate the importance of regular backups in maintaining a robust security posture. Backups provide you with a safety net in case an attack succeeds and data integrity is compromised, so ensure all critical data is regularly backed up securely in multiple locations. Additionally, test these backups periodically so they can be fully restored when required. Maintaining an extensive backup schedule mightseem like an additional task, but in a severe security breach, having reliable backups can be the difference between a total loss and a swift recovery. Educating Your Team Security isn't only about tools and software updates; it's about people. Ensuring your team understands potential threats and the value of regular updates can make a real difference in incorporating security practices into their daily tasks. Conduct training sessions on recognizing signs of a breach, understanding the importance of prompt patching, and following security best practices diligently. An informed team is more likely to recognize irregularities, adhere to protocols thoroughly, and respond swiftly and appropriately when receiving security alerts. Fostering security awareness within your team will boost your overall defenses against vulnerabilities. Our Final Thoughts on Mitigating These Recent Nvidia Bugs Nvidia's recent alert highlights the importance of maintaining system security through careful vigilance. By staying informed about driver updates, implementing regular monitoring, creating robust incident response plans, and cultivating security awareness within their systems, Linux administrators can safeguard against newly identified vulnerabilities like these. Upgrading to the most up-to-date driver versions, checking Nvidia security bulletins regularly, and following these best practices can reduce risks posed by vulnerabilities in your systems and ensure a secure environment for you and your team. . A couple of critical vulnerabilities present significant risks including unauthorized data alteration, service disruption attacks, and potential remote code execution.. Nvidia Driver Security, GPU Vulnerabilities, System Security, Linux Admin, Update Best Practices. . Brittany Day

Calendar%202 Jan 21, 2025 User Avatar Brittany Day Vendors/Products
210

CUPS: 2024-47176 critical: Remote Code Execution Risk Advisory

CUPS, or the Common Unix Printing System , is an open-source printing system widely utilized on Unix-like operating systems such as Linux, BSDs, and macOS. CUPS acts as an open-source print server, allowing a computer to become an effective print server while managing print jobs and queues and providing a standardized interface for printing services. . It was recently discovered that CUPS contains a critical vulnerability that allows remote attackers to gain entry and take control of devices remotely. Furthermore, this issue could allow unauthenticated remote code execution, meaning an attacker could gain control without prior authentication of affected systems. Let's take a closer look at this critical flaw that could lead to data theft and hijacking of affected systems. I'll then share measures you should be taking to ensure your systems and your sensitive information are secure. Understanding This Critical CUPS Flaw Simone Margaritelli disclosed this vulnerability, which was identified as affecting most Linux distributions, some BSD variants, Google ChromeOS, Oracle's Solaris, and potentially other systems where CUPS is used. The main issue is related to the cups-browsed service. The vulnerability, tracked as CVE-2024-47076 (libcupsfilters), CVE-2024-47175 (libppd), CVE-2024-47176 (cups-browsed) and CVE-2024-47177 (cups-filters), allows a remote, unauthenticated attacker to exploit CUPS via network access in the following way: Access Point: The main entry point is UDP port 631, which CUPS uses for incoming print jobs and administrative tasks. Spoofing Mechanism: If direct access to port 631 is unavailable, attackers might use spoofing techniques involving zeroconf, mDNS, or DNS-SD advertisements. Command Execution: By exploiting this vulnerability, an attacker can silently replace existing printers' IPP URLs with malicious ones or install new printers. When a print job is queued, the malicious URL triggers arbitrary command execution, granting the attackercontrol over the system. This can be particularly dangerous when printing services are exposed to the local network or the internet. What Is the Impact of This Vulnerability? This vulnerability has an estimated CVSS severity score of 9.9 out of 10, which indicates high impact and low complexity to exploit. Its scope of impact is wide-reaching, potentially impacting hundreds of thousands of devices exposed to the internet, including most Linux distributions, certain BSDs, ChromeOS Solaris systems, and systems using CUPS printers. If successful exploitation occurs, consequences could include anything from unauthorized access and data theft through system takeover to disrupting essential infrastructure services reliant on Linux systems. Protection Measures for Users & Admins Does this critical flaw impact your systems? If so, don't stress! To mitigate this security risk, users and administrators should immediately implement the mitigation strategies discussed below. Disable and Remove cups-browsed: Disable the cups-browsed service if it's not needed. Remove the cups-browsed package if it's not required. sudo systemctl stop cups-browsed sudo systemctl disable cups-browsed sudo apt-get remove --purge cups-browsed Update CUPS Installation: Regularly check for updates to CUPS and apply security patches released by your distro(s). sudo apt-get update sudo apt-get upgrade cups Network Configuration: Block access to UDP port 631 using firewall rules to prevent exposure to the network/internet. Consider blocking DNS-SD traffic if it's not needed. sudo ufw deny 631/udp Monitor for Further Guidance: Follow security bulletins and advisories from your OS maintainers and CUPS developers to stay updated with new information about this vulnerability and additional protective measures. Assess Your Risk: Evaluate how exposed your systems are to this vulnerability. Systems that are firewalling CUPS or do not havecups-browsed installed are likely secure from this issue. Our Final Thoughts on This Severe CUPS Flaw These recently disclosed vulnerabilities in CUPS pose a severe security threat to devices running Unix-like operating systems. Admins must take swift action to mitigate this threat by disabling unnecessary services, updating software, and restricting network access. These steps will help protect your systems against remote hijacking attacks, data theft, and other damaging attacks. . Severe CUPS flaw enables remote code execution, posing threats of data breach and system takeover on Linux platforms.. CUPSVulnerability,RemoteExploit,SystemHijacking,CUPSUpdate. . Brittany Day

Calendar%202 Oct 01, 2024 User Avatar Brittany Day Security Vulnerabilities
210

Debian LTS: High Severity DoS And Privilege Escalation in Xorg

Several vulnerabilities have been found in the widely used Xorg X server, the most severe being an out-of-bounds write flaw due to an incorrect calculation of a buffer offset ( CVE-2023-5367 ). Due to how easy this vulnerability is to exploit and its significant threat to the confidentiality, integrity, and availability of impacted systems, this bug has received a National Vulnerability Database base score of 7.8 out of 10 (“High” severity). . How Does This Vulnerability Affect My Linux Systems? This severe vulnerability could result in privilege escalation and denial of service (DoS) attacks, resulting in loss of system access and allowing an attacker to see additional infrastructure to attack, add or delete users, or modify permissions of files or other users. What Can I Do To Stay Safe? An essential Xorg security update has been released to mitigate this dangerous vulnerability. Given this vulnerability's severe threat to impacted systems, if left unpatched, we strongly recommend that all affected users apply the updates released by Debian , Debian LTS , Fedora , Oracle , SciLinux , Slackware , and Ubuntu as soon as possible to prevent attacks potentially resulting in downtime and system compromise. To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user , subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems. Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s) . . A critical flaw in the Xorg display server impacts Linux environments, enabling potential service interruptions and unauthorized access unless rectified.. Xorg Security Update, DoS Threat Fix, Privilege Escalation Defense. . Brittany Day

Calendar%202 Nov 13, 2023 User Avatar Brittany Day Security Vulnerabilities
210

Curl: Scheduled Update to Address Critical Issues Found Recently

Developers behind the open source library described one Curl vulnerability as one of the worst they've ever encountered. . The developers behind the Curl library are set to release a patch for two as-yet-undisclosed vulnerabilities that present a serious risk to the thousands of software applications that use the library every day. Curl 8.4.0 will drop at 6:00 UTC on October 11, less than a month after the release of Curl 8.3.0, in a scramble to address the flaws before attackers can exploit them. The vulnerabilities are tracked as CVE-2023-38545 and CVE-2023-38546, with severity ratings of ‘high’ and ‘low’ respectively. Curl creator Daniel Stenberg stated that CVE-2023-38545 is “probably the worst curl security flaw in a long time”. . The team behind Curl is deploying immediate updates to address severe security flaws impacting a wide array of software packages.. Curl Patches, Open Source Security, Software Vulnerabilities, Curl Library, Security Updates. . Brittany Day

Calendar%202 Oct 10, 2023 User Avatar Brittany Day Security Vulnerabilities
79

Assessing Microsoft RNDIS Protocol Security Risks in Linux Systems

Microsoft's proprietary protocol, Remote Network Driver Interface Specification (RNDIS) , started with a good idea. It would enable hardware vendors to add networking support to USB devices without having to build them from scratch. There was only one little problem. RNDIS has no security to speak of. . As Greg Kroah-Hartman, the Linux Foundation fellow responsible for stable Linux kernel releases, wrote in November 2022 on the Linux Kernel Mailing List (LKML) , "The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on any system that uses it with untrusted hosts or devices. Because the protocol is impossible to make secure, just disable all RNDIS drivers to prevent anyone from using them again." He added, in another message, "The protocol was never designed to be used with untrusted devices. It was created, and we implemented support for it, when we trusted USB devices that we plugged into our systems, AND we trusted the systems we plugged our USB devices into." That's no longer the case. Kroah-Hartman concluded, "Today, with untrusted hosts and devices, it's time just to retire this protocol . As I mentioned in the patch comments, Android disabled this many years ago in their devices, with no loss of functionality." . The Linux community investigates the vulnerabilities inherent in Microsoft's RNDIS protocol and its potential risks for safeguarding networks against unverified devices.. Microsoft RNDIS, Linux Kernel Security, USB Network Vulnerability. . LinuxSecurity.com Team

Calendar%202 Oct 05, 2023 User Avatar LinuxSecurity.com Team Security Projects
83

Understanding Malware Risks From Free Download Manager on Linux

We do not often talk about Linux malware because it is often quickly patched up and not exploited much in the wild compared to Windows/macOS. However, there has been a concern regarding the Free Download Manager (a decently popular cross-platform download manager). . While we do not recommend it on our available for Linux, some of our readers have suggested it in the past. And I have used it as well up until now on Windows. So, what is the issue? Free Download Manager is not malware . However, a malicious package for Linux was found, distributed as Free Download Manager. Security researchers at Kaspersky discovered that it existed for at least two years ( 2020-2022 ) without users knowing what they were installing. . Uncover the issues related to Free Download Manager and the potential threats posed by malware for Linux users. Keep yourself updated!. Linux Malware, Security Issue, Download Manager, Cyber Threats, User Concerns. . LinuxSecurity.com Team

Calendar%202 Sep 13, 2023 User Avatar LinuxSecurity.com Team Hacks/Cracks
News Add Esm H340

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200