The Hacker News

Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor

Showboat targets Linux telecom systems since mid-2022, enabling C2 access, proxying, and file theft across multiple countries ...

Chinese hackers target telcos with new Linux, Windows malware

A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows ...
CSO Online

SHub Reaper impersonates Apple, Google, and Microsoft in one MacOS attack chain

The latest SHub macOS infostealer variant abandons Terminal-based ClickFix tactics for AppleScript execution, using fake ...
MUO on MSN

This Linux shell gives you the terminal features Bash forgot to add

Finally a terminal that treats modern Linux tools as the baseline, not an afterthought.

Linux kernel flaw opens root-only files to unprivileged users

Another Linux kernel flaw has handed local unprivileged users a way to peek at files they should never be able to read, ...

The 4th Linux kernel flaw this month can lead to stolen SSH host keys

The good news is there's already a patch. The bad news is that the fix isn't available for all Linux distributions yet.
CSO Online

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
Infosecurity Magazine

Rushed Patches Follow Broken Embargo on New Linux Kernel Vulnerabilities

Two new high-severity vulnerabilities, dubbed ’Dirty Frag’ when chained, have been found in the Linux kernel, affecting most ...

Jack Wallen

Jack Wallen is an award-winning writer for TechRepublic, The New Stack, and Linux New Media. He's covered a variety of topics ...

JDownloader site hacked to replace installers with Python RAT malware

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...
Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...