March 29, 2024 at 01:55PM Red Hat issues urgent warning regarding backdoor discovered in the latest XZ Utils data compression tools and libraries in Fedora development versions. The malicious code, assigned a 10/10 critical severity score, compromises sshd authentication, potentially allowing unauthorized remote system access. Users are advised to revert to uncompromised version and monitor … Read more
November 21, 2023 at 01:01PM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their systems against an actively exploited vulnerability called ‘Looney Tunables.’ The vulnerability allows attackers to gain root privileges on major Linux distributions. The flaw affects popular platforms like Fedora, Ubuntu, and Debian. Administrators are advised to … Read more
October 10, 2023 at 04:47PM Researchers have discovered a vulnerability in a library used by the GNOME desktop environment for Linux systems. Exploiting the vulnerability through a malicious link could allow attackers to take over machines. The issue lies in a dependency called “libcue” used by a default GNOME application called “tracker-miners.” The researchers have … Read more
October 10, 2023 at 12:07PM Researchers have discovered a high-severity remote code execution (RCE) vulnerability in a component of GNOME-based Linux distros. Tracked as CVE-2023-43641, the exploit takes advantage of the libcue library, used to parse cue sheets, and the tracker-miners application. The vulnerability affects all GNOME-based distros and can be triggered by downloading a … Read more
October 10, 2023 at 09:54AM GitHub’s Security Lab warns Linux users about a remote code execution vulnerability in the Libcue library used by GNOME. The flaw, tracked as CVE-2023-43641, can be exploited by getting the user to click on a malicious link, causing the attacker’s code to be executed. The PoC exploit will be released … Read more
October 9, 2023 at 04:11PM Proof-of-concept (PoC) exploits for the critical buffer overflow vulnerability in the GNU C Library (glibc) have been developed, putting Linux systems at risk. The flaw, disclosed by Qualys researchers, could lead to unauthorized data access and system alterations, potentially granting attackers root privileges. Linux root takeovers are highly dangerous as … Read more