Tag: malware

  • Critical Vulnerability on sudo

    CISA Alert: Critical Vulnerability in Sudo 🚨 A new vulnerability has been added by CISA to the Known Exploited Vulnerabilities (KEV) catalog: 🔹 CVE-2025-32463. CVSS Score: 9.3 (Critical). Affected: All Sudo versions prior to 1.9.17p1. Platforms: All Linux distributions and Unix-like systems. According to CISA: Sudo contains a flaw that allows third-party functionality to be invoked without proper…

  • Linux botnet sends DDoS

    Linux botnet ‘Luno’ unleashes advanced DDoS capabilities. Cyble threat intelligence researchers have identified a sophisticated Linux botnet built for cryptocurrency mining, remote command execution, and dozens of DDoS attack types. Cyble Research and Intelligence Labs (CRIL) researchers have dubbed the campaign “Luno.” The malware also includes strong obfuscation and evasion features, “indicating active professional threat…

  • China Hackers use Open Source Tools

    China-backed Threat Actor “UNC5174” Using open source tools in stealthy attacks. Sysdig researchers detailed an ongoing campaign from China-backed threat actor UNC5174, which is using open source hacking tools to stay under the radar. A state-backed Chinese threat actor known as “UNC5174” is using stealthy techniques and open source software to attack its victims. Cloud security…

  • ‘Free Type’ Library exploits Linux

    Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk. Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild. The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicating high severity. Described as an out-of-bounds write…

  • Russia targets Signal App

    Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger. Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia’s intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access…

  • UEFI ‘Bootkit’ hits bootloader

    Researchers at security firm ESET said Wednesday that they found the first UEFI bootkit for Linux. The discovery may portend that UEFI bootkits that have targeted Windows systems in recent years may soon target Linux too. Bootkitty—the name unknown threat actors gave to their Linux bootkit—was uploaded to VirusTotal earlier this month. Compared to many…