The central voice for Linux and Open Source security news.
Përditësimi: 6 orë 24 min më parë
Mar, 07/07/2026 - 5:04md
A 16-year-old KVM vulnerability recently hit the news, and honestly? It’s a healthy dose of reality. We like to think of our hypervisors as these impenetrable walls, but this is a reminder that VM isolation isn't a permanent guarantee. Even in the most mature Linux virtualization stacks, you’ve got code paths that haven't been touched in over a decade, just waiting for the right researcher to pull on the wrong thread. For those of us running KVM hosts, this isn't just about grabbing the late...
Mar, 07/07/2026 - 4:10md
One of the easiest mistakes to make in detection engineering is assuming a rule keeps working simply because nobody has touched it. Most of the time, nobody removes the rule. Nobody disables it. It just gets forgotten.
Hën, 06/07/2026 - 7:00md
We often view OpenSSH security updates through the lens of standard patch management. When a new CVE hits, we scramble to update, check our versions, and return to business as usual. But recent vulnerabilities tied to distribution-added OpenSSH GSSAPI patches are a reminder that the danger doesn't always lie in the core code; it often resides in the "convenience" features we layer on top.
Hën, 06/07/2026 - 4:16md
Docker makes containers feel like separate, lightweight virtual machines. They have their own hostnames, processes, and networking—but are they actually isolated? Many administrators assume they are without ever verifying the boundaries. If you’ve ever wondered what truly separates your application from the host, this guide is for you. We’ll use simple Docker commands to verify container isolation firsthand and uncover exactly what remains shared with the host.
Hën, 06/07/2026 - 2:23md
Linux security teams are drowning. Patches, kernel updates, new CVEs every week. SSH exposed here, an old web service there, and a forgotten cron job running as root. On top of that, SIEM dashboards blink all day with alerts that all claim to be “high priority.”
Pre, 03/07/2026 - 5:11md
Before you close out the week, check what still needs to be patched.
Pre, 03/07/2026 - 3:22md
You’re staring at a service or a cron job that’s giving you a bad feeling. Stop. The most dangerous thing you can do right now is act on that gut feeling alone. Linux systems are inherently noisy—package managers, configuration management, and the occasional "quick fix" from a colleague can all leave weird artifacts behind.
Enj, 02/07/2026 - 7:10md
If you think you know what’s running on your Linux host, you’re probably wrong. Not because you’re bad at your job—but because the kernel is lying to you.
Enj, 02/07/2026 - 5:47md
GitHub has become the latest delivery mechanism for malware aimed at security researchers.
Mër, 01/07/2026 - 3:54md
Over the span of just 14 days, threat actors unleashed more than 81 million login attempts against Microsoft’s Azure command-line interface (CLI). The campaign, which security researchers at Huntress identified as an ongoing, automated password-spraying effort, successfully compromised at least 78 Microsoft accounts across 64 organizations between June 12 and June 26, 2026.
Mër, 01/07/2026 - 3:04md
Building effective behavioral detections starts with understanding how processes behave at runtime, rather than simply collecting more logs. eBPF gives Linux security teams the visibility needed to correlate those behaviors into meaningful detections, moving away from static signatures and toward real-time analysis.