#linux

Cisco Talos observed the ongoing global spread of the XorDDoS malware, predominantly targeting the United States, with evidence suggesting Chinese-speaking operators are using sophisticated tools to orchestrate widespread attacks.

IBM recently released their 2025 X-Force Cloud Threat Intelligence Index Report.Within the report and in collaboration with Red Hat Insights, “IBM X-Force found that more than half of Red Hat Enterprise Linux customers' environments had not deployed a patch for at least one critical CVE in their environment, and 18% had not patched five or more. At the same time, IBM X-Force found the most active ransomware families (e.g., Akira, Clop, Lockbit and RansomHub) are now supporting both Windows and Linux versions of their ransomware.”Red Hat Insights can help you better understand your overall

Cybersecurity researchers have unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail sectors in South Korea, Hong Kong, Myanmar, Malaysia, and Egypt in 2024. "The controller could open a reverse shell," Trend Micro researcher Fernando Mercês said in a technical report published earlier in

The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems. "Threat actors are increasingly using open source tools in their arsenals for cost-effectiveness and obfuscation to save money and, in this case, plausibly blend in with the pool of

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: M2M Gateway Vulnerabilities: Integer Overflow or Wraparound, Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling'), Unquoted Search Path or Element, Untrusted Search Path, Use After Free, Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Missing Release of Memory after Effective Lifetime, Allocation of Resources Without Limits or Throttling, Improper Privilege Management, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), Improper Restriction of Operations within the Bounds of a Memory Buffer, Incorrect Calculation of Buffer Size, Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'), Access of Resource Using Incompatible Type ('Type C...

NVIDIA's incomplete security patch, combined with a Docker vulnerability, creates a serious threat for organizations using containerized environments. This article explains the risks and mitigation strategies.

Despite their hacktivist front, CyberAv3ngers is a rare state-sponsored hacker group bent on putting industrial infrastructure at risk—and has already caused global disruption.

From crypto kingpins to sophisticated scammers, these are the lesser-known hacking groups that should be on your radar.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: Arctic Wireless Gateways Vulnerabilities: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Improper Privilege Management, Exposure of Sensitive Information to an Unauthorized Actor, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could run arbitrary code in the product with privileged user permissions or could lead to a denial of service or tampering with unencrypted traffic. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ABB reports there are vulnerabilities in the Telit PL62-W wireless modem module used in the following products: Arctic ARP600, ARC600, ARR600: Firmware versions 3.4.10, 3.4.11, 3.4.12, 3.4.13 (CVE-2024-6387) Arctic Wireless Gateways ARG600, AR...

Google has issued patches for 62 vulnerabilities in Android, including two actively exploited zero-days.