Intel, AMD CPUs on Linux impacted by newly disclosed Spectre bypass
The latest generations of Intel processors, including Xeon chips, and AMD's older Zen 1, Zen 1+, and Zen 2 microarchitectures on…
Serious Adversaries Circle Ivanti CSA Zero-Day Flaws
Suspected nation-state actors are spotted stringing together three different zero-days in the Ivanti Cloud Services Application to gain persistent access…
Stealthy ‘sedexp’ Linux malware evaded detection for two years
A stealthy Linux malware named 'sedexp' has been evading detection since 2022 by using a persistence technique not yet included…
Google fixes Android kernel zero-day exploited in targeted attacks
Android security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks. [...]
Linux kernel impacted by new SLUBStick cross-cache attack
A novel Linux Kernel cross-cache attack named SLUBStick has a 99% success in converting a limited heap vulnerability into an arbitrary…
Google now pays $250,000 for KVM zero-day vulnerabilities
Google has launched kvmCTF, a new vulnerability reward program (VRP) first announced in October 2023 to improve the security of…
New ARM ‘TIKTAG’ attack impacts Google Chrome, Linux systems
A new speculative execution attack named "TIKTAG" targets ARM's Memory Tagging Extension (MTE) to leak data with over a 95% chance…
CISA warns of actively exploited Linux privilege elevation flaw
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added two vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog, including…
400K Linux Servers Recruited by Resurrected Ebury Botnet
Cryptocurrency theft and financial fraud are the new M.O. of the 15-year-old malware operation that has hit organizations around the…
New Spectre v2 attack impacts Linux systems on Intel CPUs
Researchers have demonstrated the "first native Spectre v2 exploit" for a new speculative execution side-channel flaw that impacts Linux systems…