Linux
Explore the world of Linux with updates, reviews, and news about various Linux distributions. Learn about software compatibility, installation guides, and performance optimization for different Linux environments. Whether you’re a beginner or an advanced user, find tips and tutorials to enhance your Linux experience.
New Ubuntu Linux security bypasses require manual mitigations
Three security bypasses have been discovered in Ubuntu Linux’s unprivileged user namespace restrictions, which could be enable a local attacker to exploit vulnerabilities in kernel components. The issues allow local unprivileged users to create user namespaces with full administrative capabilities and impact Ubuntu versions 23.10, where unprivileged user namespaces restrictions are enabled, and 24.04 which has […]
Kali Linux 2025.1a released with 1 new tool, annual theme refresh
Kali Linux has released version 2025.1a, the first version of 2025, with one new tool, desktop changes, and a theme refresh. Kali Linux is a distribution created for cybersecurity professionals and ethical hackers to red team exercises, penetration testing, security audits, and research against networks. As is typical for the year’s first version, the Kali […]
New Auto-Color Linux backdoor targets North American govts, universities
A previously undocumented Linux backdoor dubbed ‘Auto-Color’ was observed in attacks between November and December 2024, targeting universities and government organizations in North America and Asia. According to Palo Alto Networks’ Unit 42 researchers who discovered the malware, it is highly evasive and difficult to remove from infected systems, capable of maintaining access for extended periods. The […]
Fake Homebrew Google ads target Mac users with malware
Hackers are once again abusing Google ads to spread malware, using a fake Homebrew website to infect Macs and Linux devices with an infostealer that steals credentials, browser data, and cryptocurrency wallets. The malicious Google ads campaign was spotted by Ryan Chenkie, who warned on X about the risk of malware infection. The malware used in […]
Over 660,000 Rsync servers exposed to code execution attacks
Over 660,000 exposed Rsync servers are potentially vulnerable to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that allows remote code execution on servers. Rsync is an open-source file synchronization and data transferring tool valued for its ability to perform incremental transfers, reducing data transfer times and bandwidth usage. It supports local file systems […]
Kali Linux 2024.4 released with 14 new tools
Kali Linux has released version 2024.4, the fourth and final version of 2024, and it is now available with fourteen new tools, numerous improvements, and deprecates some features. Kali Linux is a distribution created for cybersecurity professionals and ethical hackers to perform penetration testing, ethical hacking, vulnerability research, security audits, and red team exercises. With this final […]
New stealthy Pumakit Linux rootkit malware spotted in the wild
A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. The malware is a multi-component set that includes a dropper, memory-resident executables, a kernel module rootkit, and a shared object (SO) userland rootkit. Elastic Security discovered Pumakit in a suspicious binary (‘cron’) upload […]
Ubuntu Linux impacted by decade-old ‘needrestart’ flaw that gives root
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by Ubuntu Linux, which was introduced over 10 years ago in version 21.04. The flaws were discovered by Qualys and are tracked as CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003. They were introduced in needrestart version 0.8, released in April 2014, and fixed only […]
Windows infected with backdoored Linux VMs in new phishing attacks
A new phishing campaign dubbed ‘CRON#TRAP’ infects Windows with a Linux virtual machine that contains a built-in backdoor to give stealthy access to corporate networks. Using virtual machines to conduct attacks is nothing new, with ransomware gangs and cryptominers using them to stealthily perform malicious activity. However, threat actors commonly install these manually after they breach a network. A […]
New FASTCash malware Linux variant helps steal money from ATMs
North Korean hackers are using a new Linux variant of the FASTCash malware to infect the payment switch systems of financial institutions and perform unauthorized cash withdrawals. Previous variants of FASTCash targeted Windows and IBM AIX (Unix) systems, but a new report by security researcher HaxRob reveals a previously undetected Linux version that targets Ubuntu […]