The Hacker News

One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

CVE-2026-23111 is a Linux kernel nf_tables use-after-free that lets an unprivileged local user escalate to root and escape a ...

New CIFSwitch Linux flaw gives root on multiple distributions

A newly discovered local privilege escalation vulnerability dubbed 'CIFSwitch' in the Linux kernel could allow attackers to forge CIFS authentication key descriptions, abuse the kernel's key request ...
Bleeping Computer

CISA says ‘Copy Fail’ flaw now exploited to root Linux systems

CISA has warned that threat actors have started exploiting the "Copy Fail" Linux security vulnerability in the wild, one day after Theori researchers disclosed it and shared a proof-of-concept (PoC) ...

High-severity vulnerability in Linux caused by a single faulty character

Researchers have analyzed a high-severity vulnerability in Linux that’s able to escalate untrusted users to root by ...
PC World

Easy-to-exploit rooting flaw puts Linux PCs at risk

The maintainers of Linux distributions are rushing to patch a privilege escalation vulnerability that’s already being exploited in the wild and poses a serious risk to servers, desktops and other ...

CISA Warning: High-Severity Linux Flaw Puts Unpatched Systems at Risk

CISA warns that the nine-year-old Linux Copy Fail flaw is being actively exploited, allowing local attackers to gain root access on affected systems.
The Hacker News

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

Attackers hijacked 400+ Arch Linux AUR packages to run a Rust credential stealer, with optional eBPF rootkit support on root ...
Ars Technica

I'm not sure I really 'get' what's particularly new or useful about 'immutable Linux' distros

I've done some reading about immutable Linux distros and, well, I guess I don't get what all the fuss is about. The idea seems to be to 'harden' a system by making it hard to modify, but. . . Isn't ...