Linux
Explore the world of Linux with updates, reviews, and news about various Linux distributions. Learn about software compatibility, installation guides, and performance optimization for different Linux environments. Whether you’re a beginner or an advanced user, find tips and tutorials to enhance your Linux experience.
New stealthy Quasar Linux malware targets software developers
A previously undocumented Linux implant named Quasar Linux (QLNX) is targeting developers’ systems with a mix of rootkit, backdoor, and credential-stealing capabilities. The malware kit is deployed in development and DevOps environments in npm, PyPI, GitHub, AWS, Docker, and Kubernetes. This could enable supply-chain attacks where the threat actor publishes malicious packages on code distribution […]
CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
CISA has warned that threat actors have started exploiting the “Copy Fail” Linux security vulnerability in the wild, one day after Theori researchers disclosed it and shared a proof-of-concept (PoC) exploit. Tracked as CVE-2026-31431, this security flaw was found in the Linux kernel’s algif_aead cryptographic algorithm interface and enables unprivileged local users to gain root privileges on unpatched […]
New Linux ‘Copy Fail’ flaw gives hackers root on major distros
An exploit has been published for a local privilege escalation vulnerability dubbed “Copy Fail” that impacts Linux kernels released since 2017, allowing an unprivileged local attacker to gain root permissions. The vulnerability is tracked as CVE-2026-31431 and was discovered by the offensive security company Theori, using its AI-driven pentesting platform Xint Code after scaning the […]
New ‘Pack2TheRoot’ flaw gives hackers root Linux access
A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or remove system packages and gain root permissions. The flaw is identified as CVE-2026-41651 and received a high-severity rating of 8.8 out of 10. It has persisted for almost 12 years in the PackageKit daemon, a background service that manages software installation, […]
New GoGra malware for Linux uses Microsoft Graph API for comms
A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy payload delivery. The malware is developed by Harvester, an espionage group believed to be state-baked, and is considered highly evasive due to its use of Microsoft Graph API to access mailbox data. Harvester has been active since at least […]
Kali Linux 2026.1 released with 8 new tools, new BackTrack mode
Kali Linux 2026.1, the first release of the year, is now available for download, featuring 8 new tools, a theme refresh, and a new BackTrack mode for Kali-Undercover. Kali is a Linux distribution designed for ethical hackers and cybersecurity professionals, with tools for red teaming, penetration testing, network research, and security assessments. This distribution is […]
New Linux botnet SSHStalker uses old-school IRC for C2 comms
A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations. The protocol was invented in 1988, and its adoption peaked during the 1990s, becoming the main text-based instant messaging solution for group and private communication. Technical communities still appreciate it for its implementation simplicity, interoperability, […]
DKnife Linux toolkit hijacks router traffic to spy, deliver malware
A newly discovered toolkit called DKnife has been used since 2019 to hijack traffic at the edge-device level and deliver malware in espionage campaigns. The framework serves as a post-compromise framework for traffic monitoring and adversary-in-the-middle (AitM) activities. It is designed to intercept and manipulate traffic destined for endpoints (computers, mobile devices, IoTs) on the network. […]
New VoidLink malware framework targets Linux cloud servers
A newly discovered advanced cloud-native Linux malware framework named VoidLink focuses on cloud environments, providing attackers with custom loaders, implants, rootkits, and plugins designed for modern infrastructures. VoidLink is written in Zig, Go, and C, and its code shows signs of a project under active development, with extensive documentation, and likely intended for commercial purposes. Malware analysts […]
Kali Linux 2025.4 released with 3 new tools, desktop updates
Kali Linux has released version 2025.4, its final update of the year, introducing three new hacking tools, desktop environment improvements, the preview of Wifipumpkin3 in NetHunter, and enhanced Wayland support. Kali Linux is a distribution designed for cybersecurity professionals and ethical hackers to perform red-teaming, penetration testing, security assessments, and network research. The distribution is […]