Security Trends 
fedora security assessment
fedora security assessment A Fedora contributor account recently came under scrutiny for apparently AI-generated activity that disrupted the project's bug tracker. . Questionable Bugzilla comments, flawed patches, and improperly closed or reassigned bugs forced maintainers to spend time cleaning up the fallout. There is no evidence that malware was deployed or a backdoor reached production, but the incident exposed a different problem. Open-source projects can be disrupted without compromising a single line of code....
Jun 12, 2026 
Security Vulnerabilities security advisory critical
security advisory critical Attackers are actively exploiting a high-severity vulnerability in Langflow , an open-source platform used to build and run AI workflows. . The flaw turns a file upload into a filesystem write, allowing a user-controlled file to escape the application's intended upload directory and land in locations Langflow was never supposed to touch. The vulnerable upload endpoint permits path traversal through crafted filenames. From there, the impact depends heavily on how the platform is deployed. A...
Jun 11, 2026 
Vendors/Productssecurity advisory linux
security advisory linux With npm v12 , dependency preinstall, install, and postinstall scripts will no longer execute automatically during package installation. Script execution will require explicit approval through new controls such as npm approve-scripts, with the change expected to arrive in July 2026. . The announcement targets a part of the software supply chain that has repeatedly appeared in package registry abuse, credential theft, and CI/CD compromise investigations. A single npm install could trigger code...
Jun 11, 2026 
Security Vulnerabilities security advisory zero-day
security advisory zero-day CISA added CVE-2026-11645 to its Known Exploited Vulnerabilities catalog after Google confirmed active exploitation of the flaw. The bug sits in V8, the JavaScript engine behind Chrome and Chromium. . That's where this gets more interesting. Most coverage will focus on Chrome because that's where the patch landed. But the affected component is V8. Chromium relies on it. Electron relies on it. Plenty of desktop software Linux users interact with every day relies on it too, often without much...
Jun 10, 2026 
Network Securitysecurity advisory networking
security advisory networking For years, IPv4 was the only proxy type that really mattered for anyone running automation off a Linux box. IPv6 was the protocol everyone said they’d migrate to, but almost nobody actually did. In 2026, that’s finally starting to shift. . The problem is that most admins stick with IPv4 out of habit. They know it; it’s what their tooling defaults to, and they don’t see a reason to change. Some are overpaying for addresses they don’t need. Others would quietly break their scrapers, scripts, or...
Jun 09, 2026 
Refine news
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -2 articles for you...
83
security advisorydata breachcustomer data exposureAdidas Reports Data Breach of Customer Data Due to Website Hack
Adidas is the latest retailer to get hit with a data breach: the athletic apparel firm said it's alerting some customers that their data may have been exposed due to a newly discovered hack of its US website. . "On June 26, Adidas became aware that an unauthorized party claims to have acquired limited data associated with certain Adidas consumers," the company said in a statement on its website. Customer contact information, usernames, and encrypted passwords were exposed in the data breach.. Nike discloses a cybersecurity incident that compromised some client information, notifying impacted customers regarding potential breaches.. Adidas Data Breach, Customer Information Exposure, Retail Security Alerts. . LinuxSecurity.com Team
Jun 30, 2018 •
Hacks/Cracks 83
security advisoryattack methodcybersecurity incidentLulzSec: Revamped Attack on Sun Newspaper Exposes Security Flaws
News yesterday that the Sun was hacked by LulzSec is just the latest in a long line of impressive hacks, but it again shows how hard it is to protect sites from such sustained, sophisticated attack.. LulzSec , a group of hackers which describes itself as, "a team of entertainment and security experts that specialise in the production of malicious comedic cybermaterials", managed to redirect visitors to the Sun's website yesterday evening to a hoax page falsely reporting that Rupert Murdoch had been found dead. It's not the first time a major UK newspaper has been hacked. Last April the Daily Telegraph saw its site hacked, apparently by a group angered by that paper's identification of Romanians as "gypsies" (they added a comment to one of paper's web pages that read, "Guess what, gypsies aren't romanians, morons.") The link for this article located at NewStatesman is no longer available. . The latest breach by LulzSec involving CNN underscores the persistent vulnerabilities websites face from advanced cyber threats.. LulzSec Hack, Web Security, Online Threats, Media Cyber Attack. . LinuxSecurity.com Team
Jul 19, 2011 • Hacks/Cracks 
83
intellectual propertycybersecurity incidentcorporate awarenessSCO Website Hack Report: Intellectual Property Protest Incident
Visitors to SCO's website this morning were treated to a rare moment of corporate self-awareness after hackers apparently replaced an image linking to the undoubtedly scintillating "Extending Legacy Applications and Databases to the Web and Wireless Devices with SCOx Web Services Substrate" with a graphic bearing the rather more promising "We own all your code - pay us all your money": . Visitors to SCO's website this morning were treated to a rare moment of corporate self-awareness after hackers apparently replaced an image linking to the undoubtedly scintillating "Extending Legacy Applications and Databases to the Web and Wireless Devices with SCOx Web Services Substrate" with a graphic bearing the rather more promising "We own all your code - pay us all your money": Naturally, we at El Reg cannot condone such behaviour and hope that the ne'er-do-well behind this piece of waggery is suitably ashamed of himself. We await his arrest and long imprisonment with eager anticipation, and if the authorities would like a clue in tracking down the culprit, they should look at what the young lady is writing on the board. The link for this article located at theregister.co.uk is no longer available. . Visitors to SCO's website this morning were treated to a rare moment of corporate self-awareness aft. visitors, sco's, website, morning, treated, moment, corporate, self-awareness. . LinuxSecurity.com Team
Dec 01, 2004 • Hacks/Cracks 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More