SecurityWeek

19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access

Introduced in 2007, the CIFSwitch Linux kernel bug allows users to modify CIFS key description fields and gain root ...
Bleeping Computer

Exploit released for new PinTheft Arch Linux root escalation flaw

A recently patched Linux privilege escalation vulnerability now has a publicly available proof-of-concept (PoC) exploit that allows local attackers to gain root privileges on Arch Linux systems. The ...
Bleeping Computer

Exploit available for new DirtyDecrypt Linux root escalation flaw

A recently patched local privilege escalation vulnerability in the Linux kernel's rxgk module now has a proof-of-concept exploit that allows attackers to gain root access on some Linux systems. Named ...
CSOonline

New ‘Dirty Frag’ exploit targets Linux kernel for root access

The actively exploited flaw builds on Dirty Pipe and Copy Fail techniques to overwrite page cache and gain full system control. A newly disclosed Linux privilege escalation issue dubbed “Dirty Frag” ...
Dark Reading

'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros

A public exploit is available for a nine-year old vulnerability that affects the Linux kernel, paving the way for root privilege escalation. The flaw, which actually is two vulnerabilities chained ...
Dark Reading

Hackers Use AI for Exploit Development, Attack Automation

Threat actors are abusing AI tools in increasingly sophisticated ways, including exploit development and attack orchestration. Google today published new research tracking how adversaries leverage AI ...
HHS

Linux Defenders Face Patch and Exploit Race

Back-to-back kernel vulnerabilities in Linux has defenders scrambling to apply defenses in the age of quick turnaround time for hackers to exploit nascent flaws. See Also: Know Thy Enemy: Threats to ...

Linux bitten by second severe vulnerability in as many weeks

Linux users have been bitten by yet another vulnerability that gives containers and untrusted users the ability to gain root access, marking the second time in as many weeks that a severe threat has ...
Ars Technica

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...
ZDNet

Dirty Frag is a new Linux bug putting your system at risk - and there's no easy fix yet

With one compromised account, Dirty Frag can expose your system. No patch can protect you from all possible attacks yet. To stay safe, you'll need to block several services, including VPNs. Linux has ...
The Verge

Google stopped a zero-day hack that it says was developed with AI

Google researchers found evidence in the exploit’s code that it may have been created using AI, like a ‘hallucinated’ CVSS score. Google researchers found evidence in the exploit’s code that it may ...
BGR

Google Discovers The First Known Case Of Hackers Using AI To Create A Zero-Day Exploit

A new report from the Google Threat Intelligence Group (GTIG) reveals that sophisticated hacker groups have started using AI tools to help create and deploy zero-day exploits. The revelation confirms ...