Security Leftovers
-
Security Week ☛ Organizations Warned of Exploited GNU/Linux Vulnerabilities
The flaws allow threat actors to obtain root privileges or bypass authentication via Telnet and gain shell access as root.
-
LWN ☛ Security updates for Tuesday
Security updates have been issued by AlmaLinux (kernel, kernel-rt, python-urllib3, python3.11-urllib3, and python3.12-urllib3), Debian (imagemagick, openjdk-11, openjdk-17, and openjdk-21), Fedora (bind, bind-dyndb-ldap, chromium, ghostscript, glibc, mingw-glib2, mingw-harfbuzz, mingw-libsoup, mingw-openexr, and qownnotes), Mageia (kernel-linus), Red Hat (osbuild-composer), SUSE (go1.24-openssl, go1.25-openssl, govulncheck-vulndb, kernel, nodejs22, openCryptoki, openvswitch3, python-pyasn1, python311, and qemu), and Ubuntu (git-lfs, node-form-data, and screen).
-
LWN ☛ A critical GnuPG security update
There is a new GnuPG update for a "critical security bug" in recent GnuPG releases.
-
Security Week ☛ ‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks
The protections against NPM supply chain attacks could be bypassed, leading to arbitrary code execution.
-
XSAs released on 2026-01-27
The Xen Project has released one or more Xen security advisories (XSAs).
-
Security Week ☛ Chrome, Edge Extensions Caught Stealing Abusive Monopolist Microsoft Chaffbot Sessions
Marketed as Abusive Monopolist Microsoft Chaffbot enhancement and productivity tools, the extensions allow the threat actor to access the victim's Abusive Monopolist Microsoft Chaffbot data.
-
Security Week ☛ Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks
The vulnerability is tracked as CVE-2026-21509 and it can be exploited to bypass security features.
-
Scoop News Group ☛ Cybercriminals and nation-state groups are exploiting a six-month old WinRAR defect
Nation-state groups are consistently exploiting the defect to target victims in military, government and technology for espionage.
-
Security Week ☛ Over 100 Organizations Targeted in ShinyHunters Phishing Campaign
Domains set up by the threat actor suggest attacks aimed at Atlassian, Canva, Epic Games, HubSpot, Moderna, ZoomInfo, and WeWork.
-
CERT-In Flags High-Risk Chrome Flaw, Urges Immediate Update for Windows, Mac and Linux Users
Google Chrome users in India have been advised to update their browsers without delay after the Indian government issued a serious cybersecurity warning. The alert, released by the Indian Computer Emergency Response Team (CERT-In), identifies a high-severity vulnerability that could expose millions of Windows, macOS and Linux devices to potential attacks.