Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...
CoinDesk

'JaredfromSubway' bot front runs Vitalik Buterin's $4 token swap with $1 million in volume

The Ethereum co-founder, who has spent months campaigning against toxic MEV with proposals for encrypted mempools, just had ...
The Hacker News

âš¡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

Critical cPanel flaw under attack, Copy Fail Linux privilege escalation, TeamPCP supply chain campaign, GitHub RCE & major ...

New PCPJack worm steals credentials, cleans TeamPCP infections

A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure while actively removing ...
CSO Online

Windows shell spoofing vulnerability puts sensitive data at risk

A flaw remaining after the February patch of a zero day is already being exploited, and slow patch cycles in both government ...
SecurityWeek

Critical Remote Code Execution Vulnerability Patched in Android

Google announced on Monday the release of an Android update patching a critical vulnerability that can be exploited for ...
The Hacker News

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

Sleeper packages in Ruby and Go steal credentials and alter CI workflows, leading to persistent access and data exfiltration.