Security Vulnerabilities 
malware linux
malware linux IronWorm steals credentials and uses them to spread beyond the original victim, turning developer access into a supply chain risk. . A new campaign targeting npm has evolved past simple credential theft. Researchers identified IronWorm, a self-spreading threat. It harvests high-value Linux development secrets—SSH keys, cloud tokens, package publishing credentials. One compromised workstation becomes a launchpad for downstream supply chain attacks. This is not a get-in-and-get-out operation....
Jun 08, 2026
Network Securitysystem security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -1 articles for you...
83
cybersecurityransomwaresoftware patchingEternalBlue Exploits: Ransomware Threats Affecting US Cities
The ransomware attacks in Baltimore and other US cities appear to have a common thread: they're using NSA tools on the agency's home soil. In-the-know security experts talking to the New York Times said the malware in the cyberattacks is using the NSA's stolen EternalBlue as a "key component," much like WannaCry and NotPetya. While the full list of affected cities isn't available, San Antonio and the Pennsylvania city of Allentown have reportedly been victims of EternalBlue-based campaigns. . Microsoft has issued fixes for affected Windows version after the NSA disclosed the long-secret vulnerabilities. However, these attacks frequently succeed due to fragmented local governments that tend to be cautious about upgrades. In addition to using a mishmash of software and configurations that complicates updates, cities may be hesitant to patch or upgrade their software due to compatibility concerns and tight budgets. The link for this article located at Engadget is no longer available. . Data breaches across urban centers in America leverage compromised NSA software, resulting in extensive ransomware outbreaks.. Ransomware Attacks,EternalBlue Exploit,Cybersecurity Measures,Local Government Software,Patching Challenges. . LinuxSecurity.com Team
May 26, 2019
•
Hacks/Cracks
78
security advisoryrisk assessmentcommunication issuesExploring Vendor Transparency In Software Patching Challenges
In recent years, software manufacturers appeared to be increasing the transparency of communication about bugs. The Internet has allowed for rather rapid delivery of software patches, and Microsoft Corp. even releases details in its security bulletins and accompanying Webcasts. However, all is not what it seems.... However, Core Security Technologies has revealed that in April, Microsoft patched two vulnerabilities that it did not disclose. While researching the fixes issued by Microsoft in Microsoft's Security Bulletin MS10-024 published April 13, 2010, exploit specialist Nicol The link for this article located at Internet Evolution is no longer available. . Explore the hidden truths surrounding vendor software updates and the unnoticed nuances. Grasp the implications for cybersecurity.. Vendor Communication, Patch Management, Security Bugs. . LinuxSecurity.com Team
May 17, 2010
•
Vendors/Products
77
denial of servicesecurity assessmentDNSSecurity Assessment of BIND DNS Servers: Risks and Impacts
DNS servers across the Internet running BIND are not up to date with security patches and software updates. As a result, a significant fraction of the Internet's DNS servers is vulnerable to compromise, subversion, denial of service, and general misuse. Considering that DNS is the lynchpin of the corporate enterprise, the impact of these vulnerabilities is significant and a successful attack could bring down any online business.. . .. DNS servers across the Internet running BIND are not up to date with security patches and software updates. As a result, a significant fraction of the Internet's DNS servers is vulnerable to compromise, subversion, denial of service, and general misuse. Considering that DNS is the lynchpin of the corporate enterprise, the impact of these vulnerabilities is significant and a successful attack could bring down any online business. Abstract This Research Report presents an overview of the current security posture of DNS servers found across the Internet. The report also covers the following: A summary of some of the finer points of the DNS protocol A discussion of why DNS is such a key component in the infrastructure of the Internet A summary of the BIND software, the most widely used DNS implementation available A presentation of empirical data that underscores the past and present state of security in BIND servers, including correlating the meteoric increase in size of the code-base with the number of publicly-reported vulnerabilities Introduction The Domain Name System (DNS) is the protocol that makes up the Internet's distributed name and address database. Originally implemented to make the Internet user-friendly, DNS quickly became the lynchpin in the intricate engine under the hood of the Internet. To understand why, we must first understand a bit about how the Internet is put together at the network level. The link for this article located at Mike Schiffman is no longer available. . BIND DNS servers are vital to internet infrastructure but are vulnerable tothreats like DNS amplification and cache poisoning. Outdated patches can lead to significant risks, affecting trust and data integrity.. DNS Security, BIND Software, Internet Integrity, Server Risks, Network Security. . LinuxSecurity.com Team
Mar 06, 2003
•
Server Security
83
cyber attacksecurity incidententerprise securityMicrosoft Network Breach: Unpatched Flaws Cause Another Incident
Microsoft's internal network has been broken into for the second time in as many weeks by a hacker who exploited the fact that the software giant had not applied its own security patches. . Microsoft's internal network has been broken into for the second time in as many weeks by a hacker who exploited the fact that the software giant had not applied its own security patches. The link for this article located at vnunet.com is no longer available. . Another breach hits Microsoft's internal network, caused by unresolved security vulnerabilities; discover the potential repercussions of this incident.. Microsoft Security, Network Breach, Software Patching, Cyber Attack, Enterprise Security. . LinuxSecurity.com Team
Nov 07, 2000
•
Hacks/Cracks
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More