Security Vulnerabilities 
malware linux
malware linux IronWorm steals credentials and uses them to spread beyond the original victim, turning developer access into a supply chain risk. . A new campaign targeting npm has evolved past simple credential theft. Researchers identified IronWorm, a self-spreading threat. It harvests high-value Linux development secrets—SSH keys, cloud tokens, package publishing credentials. One compromised workstation becomes a launchpad for downstream supply chain attacks. This is not a get-in-and-get-out operation....
Jun 08, 2026
Network Securitysystem security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 0 articles for you...
78
security advisorybrowsermemory managementFirefox 6 Beta Offers Security Upgrades and Tablet Enhancements
The latest Firefox beta jumps to version 6 and lands with improvements made to security, tablet appearance, memory management, and Android fixes. Download for Windows, Mac, Linux, and Android, Firefox 6 beta comes with a laundry list of changes made to both desktop and mobile platforms. . Some of the changes were included in the developer's Aurora release of Firefox 6, such as the built-in verification tool for plug-ins like Adobe Flash, better memory management for the Panorama grouping feature, a Chrome-style Scratchpad for testing out JavaScript snippets, and a new window for fine-tuning Web site permissions. Other changes are new. One minor tweak, called domain highlighting, will help you read the domain of the Web site you're on more easily. This is a small but important change that people can use to visually verify that they are at the correct URL--for online banking, for example--as opposed to a spoofed one that's likely to be malicious. The link for this article located at CNET Blogs is no longer available. . Explore the latest enhancements in Firefox 6 beta, showcasing fortified security protocols, optimized memory usage, and refinements for tablet functionality.. Firefox Beta, Enhanced Security, Tablet Features, Memory Management, Web Improvements. . LinuxSecurity.com Team
Jul 11, 2011
•
Vendors/Products
79
analysis toolweb technologyCMS detectionDiscovering Web Technologies and Content Management Systems Using WhatWeb
Identify content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more. When you visit a website in your browser the transaction includes many unseen hints about how the webserver is set up and what software is delivering the webpage. Some of these hints are obvious, eg. . The link for this article located at Darknet UK is no longer available. . Master the art of recognizing CMS platforms and various web technologies seamlessly using WhatWeb resources and methods.. Web Technology Identification,CMS Detection,Web Analytics Tools. . LinuxSecurity.com Team
Jun 01, 2010
•
Security Projects
74
security threatsopen sourcebrowser securityBrowser Security Threats Discussed at Web 2.0 Conference
Some of the leading names in the browser market took to the stage at the Web 2.0 conference here on April 16 to give an update on the state of that technology, and all agreed that security was one of the biggest challenges facing the industry. The panelists, who were tasked with addressing the topic titled "The Arrival of Web 2.0: The State of the Union on Browser Technology," hailed from the open-source community all the way to the most proprietary of companies, Microsoft, and those in between. . Chris Wilson, the platform architect for Internet Explorer at Microsoft, said that the most secure system was the one not plugged into anything, including power. "But that's not particularly useful, so coming up with an enabling scenario that is also secure is the challenge," he said, noting that if users were presented with a large screed of text requesting approval for something, research had shown that "they will click OK to anything." The link for this article located at eWeek is no longer available. . Cyber safety continues to be a significant obstacle for web browser engineers. Sarah Johnson from Mozilla emphasizes critical concerns in architecture.. Browser Security, Web Technology, Open-Source Development. . Bill Locke
Apr 18, 2007
•
Network Security
77
security risksattack vectorsprivacy issuesExploring Ajax Security Risks: Client-Side Attacks And Privacy Concerns
The ability of modern browsers to use asynchronous requests introduces a new type of attack vectors. In particular, an attacker can inject client side code to totally subvert the communication flow between client and server. In fact, advanced features of Ajax framework build up a new transparent layer not controlled by the user. This paper will focus on security aspects of Ajax technology and on their influence upon privacy issues. Ajax is not only a group of features for web developers: it's a new paradigm that allows leveraging the most refined client side attacks. . The link for this article located at ccc.de is no longer available. . The link for this article located at ccc.de is no longer available.. ability, modern, browsers, asynchronous, requests, introduces, attack, vectors. . LinuxSecurity.com Team
Jan 08, 2007
•
Server Security
77
web technologyscanning challengeclient-sideAddressing Web 2.0 Scanning Challenges In AJAX And SOAP Technologies
Web 2.0 applications are a combination of several technologies such as Asynchronous JavaScript and XML (AJAX), Flash, JavaScript Object Notation (JSON), Simple Object Access Protocol (SOAP), Representational State Transfer (REST). All these technologies, along with cross-domain information access, contribute to the complexity of the application. We are seeing a shift towards empowerment of an end-user's browser by loading libraries. All these changes mean new scanning challenges for tools and professionals. . Our target application may be accessing RSS feeds from multiple sites, exchanging information with blogs using JSON, and communicating with a stock exchange portal's Web service over SOAP. All these services are bundled in the form of Rich Internet Applications (RIA) using AJAX and/or Flash. The link for this article located at is no longer available. . Investigating hurdles in analyzing Web 2.0 user-facing elements and frameworks such as REST, XML-RPC, and XML.. Web 2.0 Scanning, Client-Side Technologies, AJAX Security. . LinuxSecurity.com Team
Nov 27, 2006
•
Server Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More