Linux Foundation leader impersonated in Slack phishing campaign
The campaign targets open-source developers to steal credentials and deploy malware.
Linux
20 articles
Rethinking Linux security operations
Tool sprawl weakens Linux security — unified, AI-driven ops boost speed, context, and resilience.
Linux Foundation Leader Impersonated in Slack Attack on Open Source Developers
A social engineering campaign is actively targeting open source developers through Slack. The warning was shared through the OpenSSF Siren mailing list, a pu...
Chaos malware expands from routers to Linux cloud servers
Chaos, Go-based malware first documented by Lumen’s Black Lotus Labs, has historically targeted routers and edge devices. A new variant observed in March 202...
New CUPS vulnerabilities threaten RCE, network breaches
Attackers could combine a pair of newly discovered vulnerabilities in the Common Unix Printing System used by Linux and other Unix-like systems to facilitate...
BPFDoor Variants Hide with Stateless C2 and ICMP Relay Tactics
Seven new BPFDoor variants that push Linux backdoor tradecraft deep into the kernel, making them harder to spot in large telecom networks. These implants use...
Chaos malware now targeting 64-bit Linux servers
Analysis of China-nexus groups also discovers double-pronged strategy, one on immediacy, the other around long dwell times.
Hooked on Linux: Rootkit Detection Engineering
In this second part of a two-part series, we explore Linux rootkit detection engineering, focusing on the limitations of static detection reliance, and the i...
ZDI-26-250: Linux Kernel Analog Device Driver Improper Validation of Array Index Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to exec...
Kernel Observability for Data Movement
Kernel-level visibility reveals hidden data movement in breaches, exposing gaps in modern security tools and improving detection, compliance, and system beha...
SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools
Bootable Linux recovery environments occupy a specific niche in the systems administration and incident response toolkit. SystemRescue, an Arch-based live di...
ZDI-26-238: Linux Kernel AoE Driver Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to exec...
Scanning The Internet with Linux Tools - PSW #919
BPFdoor hides deep inside the OS kernel to target telecoms worldwide
China-linked Linux backdoor first spotted in 2021, but now runs inside the kernel of core telecom servers and Kubernetes pods.
VoidLink Rootkit Leverages eBPF and Kernel Modules to Stealthily Infiltrate Linux Systems
VoidLink is a new Linux rootkit family that combines classic kernel modules with eBPF to hide processes and network activity deep inside modern cloud environ...
Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure
The state-sponsored threat actor deployed kernel implants and passive backdoors enabling long-term, high-level espionage. The post Chinese Hackers Caught Dee...
Illuminating VoidLink: Technical analysis of the VoidLink rootkit framework
Elastic Security Labs analyzes VoidLink, a sophisticated Linux malware framework that combines traditional Loadable Kernel Modules with eBPF to maintain pers...
Kali Linux 2026.1 released with 8 new tools, new BackTrack mode
Kali Linux 2026.1, the first release of the year, is now available for download, featuring 8 new tools, a theme refresh, and a new BackTrack mode for Kali-Un...
Codenotary introduces AgentX for autonomous Linux infrastructure security
Codenotary has announced the availability of AgentX, an autonomous platform designed to manage, secure, and protect large-scale Linux infrastructure in the c...
Kali Linux 2026.1 Launches With 8 New Hacking Tools for Penetration Testers
Offensive Security has officially released Kali Linux 2026.1, marking the first major update of the year for the popular penetration testing distribution.