The Hacker News

New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

PamDOORa Linux backdoor abuses PAM modules for SSH persistence and credential theft, increasing Linux server compromise risks ...
Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...

Windscribe VPN review 2026: seriously fast with features to match

Windscribe provides plenty of features, and a superb free plan.
Analytics Insight

Building better document solutions: a developer’s review of ONLYOFFICE Docs

Digital workplaces today function as interconnected systems that require document editing and collaboration tools to work together. These two elements create the ...

New Linux 'Dirty Frag' zero-day gives root on all major distros

A new Linux zero-day vulnerability, named Dirty Frag, allows local attackers to gain root privileges on most major Linux ...

Critical New Linux Zero-Day Goes Public—What Admins Need To Do Now

Hot on the heels of Copy Fail comes Dirty Frag. A Linux kernel zero-day vulnerability with no patch, giving hackers root.
Microsoft

Active attack: Dirty Frag Linux vulnerability expands post-compromise risk

Dirty Frag is a newly disclosed Linux local privilege escalation vulnerability affecting kernel networking and ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
SecurityWeek

‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials

The PCPJack worm targets cloud environments and vulnerable web applications to remove TeamPCP infections and steal ...
Security Boulevard

Linux Kernel Privilege Escalation Vulnerability (Dirty Frag) Alert

Recently, NSFOCUS CERT has detected a Linux kernel privilege escalation vulnerability (Dirty Frag) disclosed online. Attackers use the logical defects of splice system calls in conjunction with ...