2018年9月，安全研究人员在Linux内核中发现被标记为（CVE-2018-14634）的整数溢出漏洞（代号"Mutagen Astronomy"），影响Red Hat、CentOS和Debian发行版。普通用户可利用该漏洞获取目标系统的超级用户权限。

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present ...

Here's a delicious Byte of information for you. A proof of concept program on Linux was coded to exploit a known bug in how the Linux Kernel (versions 2.6.39 ...

It has been a very long time since the average computer user thought about .cue files, or cue sheets, the metadata bits that describe the tracks of an optical disc, like a CD or DVD. But cue sheets ...

LKRG (short for Linux Kernel Runtime Guard) is a loadable kernel module that continuously monitors the health and integrity ...

What just happened? Researchers have detailed a proof-of-concept firmware attack that can affect almost every existing Windows and Linux device from virtually all hardware vendors. While the ...

Proof-of-concept exploits have already surfaced online for a high-severity flaw in GNU C Library's dynamic loader, allowing local attackers to gain root privileges on major Linux distributions. Dubbed ...

If Marvin the Martian makes it onto your computer and does privilege escalation to take it over, we might now know just how they did it. A new Linux local privilege escalation vulnerability, dubbed ...

Researchers have uncovered a vulnerability in a library within the GNOME desktop environment for Linux systems. If embedded in a malicious link, it could enable attackers to perform machine takeover ...

ESET researchers have recently discovered a new Linux backdoor, named WolfsBane, that is being used by the China-aligned Gelsemium APT group. This is the first known instance of Gelsemium using Linux ...

Unearthed sample likely works against Linux devices from Acer, HP, Fujitsu, and Lenovo. Machines vulnerable to the exploit include some models sold by Acer, HP, Fujitsu, and Lenovo when they ship with ...

The incident highlights growing supply-chain risks in crypto security as attackers shift from code exploits to abusing trusted software distribution channels.