Hackers are exploiting vulnerable Jira and Exim servers with the end goal of infecting them with a new Watchbog Linux Trojan variant and using the resulting botnet as part of a Monero cryptomining operation.
A new Linux malware masquerading as a Gnome shell extension and designed to spy on unsuspecting Linux desktop users was discovered by Intezer Labs' researchers in early July.
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks.
Microsoft will begin to ship an in-house custom built Linux kernel starting with the Windows 10 Insider builds this summer. This kernel is to become the backbone for the new Windows Subsystem for Linux 2.0 or WSL2.
A critical Atlassian Confluence Server vulnerability is being remotely exploited by attackers to compromise both Linux and Windows servers, allowing them to drop GandCrab ransomware and the Dofloo (aka AES.DDoS, Mr. Black) Trojan.
The just-released Windows 10 20H1 Build to the Skip Ahead ring comes with a new feature designed to allow Insiders to access the Windows Subsystem for Linux (WSL) filesystem using the Windows Explorer.
A researcher has discovered a new vulnerability called "Dirty_Sock" in the REST API for Canonical's snapd daemon that can allow attackers to gain root access on Linux machines. To illustrate how these vulnerabilities can be exploited, the researcher has released to PoCs that use different methods to elevate privileges.
The Speculative Store Bypass Disable (SSBD) bit will be toggled off for programs that do not require the extra protection against the Spectre Variant 4 hardware security issue according to a proposed Linux kernel patch
The Wine 4.0 release adds a number of major new features such as support for the cross-platform Vulkan and the Windows Direct3D 12 3D graphics APIs, as well as for Android High-DPI and game controllers.
A remote code execution bug was discovered by security contractor Max Justicz in the APT high level package manager used by Debian, Ubuntu, and other related Linux distributions. The bug has been fixed today in the latest versions of APT.
According to new data by TrendMicro, attackers utilizing the Emotet banking Trojan predominantly used internet provides in the U.S.A. to host their Command & Control infrastructure.
Have you ever wanted to run a Linux shell on your iOS device to transfer files, write shell scripts, or simply to use Vi to develop code or edit files? Now you can, with a project called iSH that is currently available as a TestFlight beta for iOS devices.
If you have administered Windows computers or assisted in Windows malware removal, then there is a good chance you have heard of the popular free Sysinternals utilities.
In a mailing list message on Sunday, Linus Torvalds apologizes for a lifelong of outbursts and snappy retorts at developers that may have driven them away from the Linux project.
Malware has been discovered in at least three Arch Linux packages available on AUR (Arch User Repository), the official Arch Linux repository of user-submitted packages. The malicious code has been removed thanks to the quick intervention of the AUR team.
Exploit broker Zerodium is offering rewards of up to $500,000 for zero-days in UNIX-based operating systems like OpenBSD, FreeBSD, NetBSD, but also for Linux distros such as Ubuntu, CentOS, Debian, and Tails.
An unknown hacker has temporarily taken control over the GitHub account of the Gentoo Linux organization and embedded malicious code inside the operating system's distributions that would delete user files.