Vulnerability

Researchers have identified a high-severity flaw in the Linux kernel that can allow untrusted users to gain root access. The issue stems from one incorrect character in the code.

2026년 05월 23일 AI에 의해 보고됨

Qualys researchers have identified a logic flaw in the Linux kernel that enables unprivileged local users to disclose sensitive files and execute arbitrary commands as root.

Building on earlier PeerBlight attacks, Google Threat Intelligence reports exploitation of the React2Shell vulnerability (CVE-2025-55182) by China-nexus clusters and financially motivated actors deploying backdoors and cryptocurrency miners on vulnerable React and Next.js systems.

2025년 12월 10일 AI에 의해 보고됨

A critical vulnerability in React Server Components, known as React2Shell and tracked as CVE-2025-55182, is being actively exploited to deploy a new Linux backdoor called PeerBlight. This malware turns compromised servers into covert proxy and command-and-control nodes. Attackers use a single crafted HTTP request to execute arbitrary code on vulnerable Next.js and React applications.

The U.S. Cybersecurity and Infrastructure Security Agency has issued an urgent alert about a critical Linux kernel vulnerability, CVE-2024-1086, now being used by ransomware operators. This flaw allows local privilege escalation and was patched in January 2024. The warning highlights ongoing risks to enterprise systems despite available fixes.

2025년 11월 02일 AI에 의해 보고됨

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about ongoing ransomware attacks targeting a known Linux kernel vulnerability. Federal agencies must update affected systems by November 20 or discontinue their use. The alert highlights that Linux is not immune to such threats, debunking myths about ransomware's decline and Windows as the sole target.