Security Leftovers
-
LWN ☛ Security updates for Thursday
Security updates have been issued by AlmaLinux (gpsd), Debian (inetutils and modsecurity-crs), Fedora (cpp-httplib, curl, mariadb11.8, mingw-libtasn1, mingw-libxslt, mingw-python3, rclone, and rpki-client), Oracle (gimp, glib2, go-toolset:rhel8, golang, kernel, mariadb-devel:10.3, and thunderbird), Red Hat (buildah, go-toolset:rhel8, golang, grafana, kernel, kernel-rt, multiple packages, openssl, osbuild-composer, podman, and skopeo), Slackware (bind), SUSE (ffmpeg-4, libsodium, libvirt, net-snmp, open-vm-tools, ovmf, postgresql17, postgresql18, python-FontTools, python-weasyprint, and webkit2gtk3), and Ubuntu (glib2.0 and opencc).
-
Security Week ☛ Old Attack, New Speed: Researchers Optimize Page Cache Exploits
A team of researchers from the Graz University of Technology in Austria has revived Linux page cache attacks, a previously known side channel, and made them faster.
-
Krebs On Security ☛ Kimwolf Botnet Lurking in Corporate, Govt. Networks
A new Internet-of-Things botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic. Kimwolf's ability to scan the local networks of compromised systems for other IoT devices to infect makes it a sobering threat to organizations, and new research reveals Kimwolf is surprisingly prevalent in government and corporate networks.
-
Security Week ☛ Atlassian, GitLab, Zoom Release Security Patches
Fixes were rolled out for over two dozen vulnerabilities, including critical- and high-severity bugs.
-
Security Week ☛ New Wave of Attacks Targeting FortiGate Firewalls
Hackers bypass the FortiCloud SSO login authentication to create new accounts and change device configurations.
-
Security Week ☛ Hackers Targeting Cisco Unified CM Zero-Day
Cisco has released patches for CVE-2026-20045, a critical vulnerability that can be exploited for unauthenticated remote code execution.
-
Pen Test Partners ☛ Preparing for the EU Cyber Resilience Act (CRA)
TL;DR
Raising the baseline for product security
Product security has matured significantly over the last decade. Secure defaults, defined ownership of security risk, reliable update mechanisms, and structured vulnerability handling are now mainstream and well understood by experienced engineering and security teams. These practices are no longer aspirational. They are now the minimum required to build and operate digital products responsibly.