Amazon Web Services (AWS) has disclosed a significant security flaw in its WorkSpaces client for Linux, potentially allowing local attackers to steal authentication tokens and hijack user sessions.
Identified as CVE-2025-12779, the vulnerability stems from improper handling of authentication tokens in the client software,...
Built on FreeBSD, has rolled out version 25.7.7, a significant security update addressing vulnerabilities and enhancing system stability.
Released on November 6, 2025, this patch includes third-party software upgrades, refinements to firewall logging based on user input, and fixes for longstanding security risks tied...
A misconfigured Jupyter Notebook server running as root on a Linux system exposed a straightforward path for privilege escalation, allowing attackers with local access to obtain full root control through the server's terminal API.
This technique highlights a common deployment error rather than a...
A high-severity vulnerability has been disclosed in the Linux kernel’s ksmbd module that can be exploited by authenticated attackers to achieve remote code execution.
Tracked as CVE-2025-38561, the flaw stems from a race condition in the handling of the Preauth_HashValue field during SMB2 session...
A critical security vulnerability in the Linux kernel's netfilter ipset subsystem has been disclosed, allowing attackers to achieve privilege escalation through an out-of-bounds write primitive.
The vulnerability, tracked as CVE-2024-53141, affects Linux kernel versions up to commit 041bd1e4 and kernel 6.12.2, presenting significant risks...
A critical vulnerability transforms ordinary USB webcams into sophisticated cyber weapons, marking the first documented case where attackers can remotely weaponize USB devices already connected to computers.
The groundbreaking research by Eclypsium's Jesse Michael and Mickey Shkatov, presented at DEF CON 2025, demonstrates...