OrBit Rootkit Targets Linux to Steal SSH and Sudo Credentials
Hackers are continuing to abuse a stealthy Linux rootkit known as OrBit to harvest SSH and sudo credentials, with new research showing the threat has quietly...
Linux
20 articles
Rocky Linux launches opt-in security repository for urgent fixes
Rocky Linux has introduced a Security Repository that allows the distribution to ship urgent security fixes ahead of upstream Enterprise Linux when public ex...
Meet Fragnesia, the third Linux kernel vulnerability in a month
Linux admins reeling from handling last month’s CopyFail and last week’s Dirty Frag kernel vulnerabilities have a new headache to deal with: Fragnesia. “This...
Fragnesia (CVE-2026-46300): Frequently asked questions about new Linux Kernel XFRM ESP-in-TCP privilege escalation
A new Linux kernel local privilege escalation exploit with a public proof-of-concept targets the same subsystem as Dirty Frag but requires a separate patch. ...
Linux Kernel bug Fragnesia allows local root access attacks
Fragnesia, a new Linux kernel flaw tracked as CVE-2026-46300, could let local attackers gain root access through page cache corruption. Researchers disclosed...
Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300)
Researchers have found and disclosed yet another local privilege escalation (LPE) vulnerability in the Linux kernel: CVE-2026-46300, aka “Fragnesia”. The fla...
New Linux Kernel Vulnerability Fragnesia Allows Root Privilege Escalation
The vulnerability, tracked as CVE-2026-46300, is similar to the recently disclosed exploits named Dirty Frag and Copy Fail. The post New Linux Kernel Vulnera...
New Fragnesia Flaw Hands Linux Local Users Root Access
New Fragnesia kernel flaw lets unprivileged local users escalate to root on Linux systems
Critical Exim Mailer Flaw Enables Remote Code Execution Attacks
A newly disclosed vulnerability in the widely used Exim mail transfer agent exposes thousands of internet-facing mail servers to unauthenticated remote code ...
New Fragnesia Linux flaw lets attackers gain root privileges
Linux distros are rolling out patches for a new high-severity kernel privilege escalation vulnerability (known as Fragnasia and tracked as CVE-2026-46300) th...
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain ro...
PoC Exploit Released for Fragnesia Linux Flaw Enabling Root Access
A newly discovered Linux local privilege escalation vulnerability, dubbed “Fragnesia,” is sending shockwaves through the cybersecurity community. This critic...
KDE gets over €1 million investment to strengthen security and core infrastructure
European governments and public institutions have been shifting away from proprietary software for years, and the financial infrastructure supporting open-so...
Linux maintainer proposes runtime killswitch for vulnerabilities
Linux kernel co-maintainer Sasha Levin has proposed a runtime killswitch mechanism, accessible via securityfs, to temporarily disable vulnerable kernel funct...
When "idle" isn't idle: how a Linux kernel optimization became a QUIC bug
We investigated a bug where CUBIC's congestion window became pinned at its minimum floor, causing a performance to plummet. The fix involved correctly measur...
Linux kernel maintainers suggest a ‘kill switch’ to protect systems until a zero-day vulnerability is patched
Linux server admins may get the ability to turn off a vulnerable function in the OS kernel until a patch for a zero-day vulnerability is ready, if a proposal...
Rushed Patches Follow Broken Embargo on New Linux Kernel Vulnerabilities
Two new high-severity vulnerabilities, dubbed ’Dirty Frag’ when chained, have been found in the Linux kernel, affecting most Linux distributions
New PamDOORa Linux backdoor sold on cybercrime forum
PamDOORa functions as a post-exploitation toolkit, enabling attackers to gain persistent access to Linux systems (x86_64) through a "magic password" and a sp...
Linux developers weigh emergency “killswitch” for vulnerable kernel functions
Linux kernel developers are reviewing a proposal for an emergency risk mitigation mechanism (“Killswitch”) that would allow administrators to disable vulnera...
9-Year-Old Dirty Frag Vulnerability Enables Root Access on Linux Systems
The Dirty Frag vulnerability affects Linux systems and allows root access escalation, while public PoC exploit code increases attack risks.