news
Security Leftovers
-
LWN ☛ Security updates for Tuesday
Security updates have been issued by AlmaLinux (kernel, kernel-rt, libcap, LibRaw, openssh, thunderbird, and tigervnc), Debian (libarchive and lxd), Fedora (chromium, insight, nodejs20, rust-sequoia-git, and uriparser), Mageia (kernel, kmod-virtualbox), Oracle (kernel, libcap, thunderbird, and uek-kernel), Red Hat (.NET 10.0, .NET 8.0, .NET 9.0, fence-agents, sudo, and systemd), Slackware (httpd), SUSE (freerdp, hauler, helm, himmelblau, kernel, libspectre, thunderbird, trivy, and xen), and Ubuntu (curl, exim4, and sed).
-
Security Week ☛ Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server
The most severe of these security defects could allow remote attackers to execute arbitrary code.
-
APNIC ☛ Rolling the root key
Have DNSSEC-validating recursive resolvers updated their Trust Anchor sets to include KSK-2024, and how can we measure whether this transition has been successfully adopted?
-
Security Week ☛ WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities
The vulnerabilities were reported to Meta through its bug bounty program and were patched with updates released earlier this year.
-
Security Week ☛ MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs
The security defects allow unauthenticated, remote attackers to execute arbitrary code through crafted requests.
-
Security Week ☛ Critical Remote Code Execution Vulnerability Patched in Android
CVE-2026-0073 affects Android’s System component and it can be exploited without any user interaction.
-
Security Week ☛ Karakurt Ransomware Negotiator Sentenced to Prison
Deniss Zolotarjovs was directly involved in extortion strategies and in negotiations with victim companies.
-
Security Week ☛ Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft
Dubbed Bleeding Llama, the heap out-of-bounds read issue can be exploited remotely, without authentication.
-
Federal News Network ☛ From mandate to momentum: Turning CISA’s edge device directive into lasting capability
BOD 26-02 is more than a mandate. It’s an opportunity to fix one of the federal government’s most persistent cybersecurity challenges.
-
Federal News Network ☛ CISA tells critical organizations to prepare for cyber outages
Fresh off the longest shutdown in government history, CISA is pushing critical infrastructure orgs to plan for a cybersecurity emergency.
-
Security Week ☛ Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations [Ed: For the second time this week securityweek.com treats Microsoft as a security expert when in fact it puts back doors in everything; first securityweek.com pretended Microsoft speaks for Linux]
The malicious emails claim to contain a conduct report and lure victims to a Abusive Monopolist Microsoft phishing website that leverages AitM.
-
Trend Micro ☛ Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
TrendAI™ Research breaks down Quasar Linux (QLNX), a previously undocumented sophisticated Linux RAT with low detection rates. In this blog, we examine a full-featured Linux threat incorporating a rootkit, a PAM backdoor, credential harvesting, and more, revealing how this malware enables stealthy access, persistence, and potential supply-chain attacks.