N-gated Hacker News2d ago
🚀 Breaking News: Some genius 🧠 has figured out that locking your screen is important! Quick, everyone, drop everything and patch your systems so your screensaver doesn’t get killed by Linux's OOM killer! 🤡 Because apparently, it's 2004 and we all need a sysctl to hold our hand through life’s toughest challenges! 🙈
https://lwn.net/Articles/104185/ #screenlocking #linux #OOMkiller #cybersecurity #sysadmin #patching #HackerNews #ngated
Re: [PATCH] oom_pardon, aka don't kill my xlock

From: Andries Brouwer <aebr-AT-win.tue.nl> To: Thomas Habets <t [...]

LWN.net
Layar Kosong4d ago

tentang masalah patching jaringan terbatas (restricted networks) pada update Secure Boot Windows dan mengapa ini berprioritas rendah.

#fediverse #Mengupas #Masalah #Patching

https://dalam.web.id/warta-tekno/masalah-patching-jaringan-terbatas-secure-boot

Mengupas Masalah Patching Jaringan Terbatas pada Update Secure Boot

Bingung dengan istilah 'masalah patching di jaringan terbatas' dari Microsoft? Artikel ini memtelusuri alasannya secara santai dan mengapa PC rumahan Anda tetap aman.

Layar Kosong
Bill4d ago

Adam has it right here. Severity is a model that no longer works. In use exploits is where it's at. Part of why threat intelligence networks like @ifin are so important.

https://stateofsecurity.com/stop-patching-solely-by-severity-start-patching-by-exploitation/

#patching #exploits

Stop Patching Solely by Severity. Start Patching by Exploitation.

Tweet If your patch SLAs are still solely driven by CVSS base score, i.e., Critical in 7 days, High in 30, Medium “when we get to it”; you are optimizing for the wrong variable. The math stopped working a while … Continue reading →

MSI :: State of Security
hellocatfoodMay 24

All this just to convert numbers

#puredata #patching

TechTinkTronicsMay 23

Windows 98 blue screen of death? The fix is patching! Without it, you're stuck with errors and a non-working OS. Tried many times, didn't work. Essential for stability.

Tap the like, but don't tap out. Share the video, and Subscribe! Visit us on Instagram, TikTok, YouTube and Rumble!

#Windows98 #TechFix #BlueScreen #ComputerHistory #OperatingSystem #Patching #TechNostalgia #VintageTech #ITSupport #Troubleshooting

Schneier on Security RSSMay 14

How Dangerous Is Anthropic’s Mythos AI?

Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not... https://www.schneier.com/blog/archives/2026/05/how-dangerous-is-anthropics-mythos-ai.html

#vulnerabilities #Uncategorized #regulation #patching #hacking #laws #LLM #AI

How Dangerous Is Anthropic's Mythos AI? - Schneier on Security

Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not release it to the general public. Instead, it would only be available to a select group of companies to scan and fix their own software. The announcement requires context—but it contained an essential truth. While Anthropic’s model is really good at finding software vulnerabilities, so are other models. The UK’s AI Security Institute found that OpenAI’s GPT-5.5, already generally available, is comparable in capability. The company Aisle ...

Schneier on Security
Schneier on Security RSSMay 12

Copy.Fail Linux Vulnerability

This is the worst Linux vulnerability in years.
TL;DR

copy.fail is a Linux kernel local privilege escala... https://www.schneier.com/blog/archives/2026/05/copy-fail-linux-vulnerability.html

#vulnerabilities #Uncategorized #patching #Linux

Copy.Fail Linux Vulnerability - Schneier on Security

This is the worst Linux vulnerability in years. TL;DR copy.fail is a Linux kernel local privilege escalation, not a browser or clipboard attack. Disclosed by Theori on 29 April 2026 with a working PoC. It abuses the kernel crypto API (AF_ALG sockets) plus splice() to write four bytes at a time straight into the page cache of a file the attacker does not own. The exploit works unmodified across Ubuntu, RHEL, Debian, SUSE, Amazon Linux, Fedora and most others. No race condition, no per-distro offsets. The file on disk is never modified. AIDE, Tripwire and checksum-based monitoring see nothing. ...

Schneier on Security
Analyst207May 12

OpenAI Unveils Daybreak to Automate Vulnerability Detection and Patching

Meet Daybreak, a game-changing cybersecurity tool from OpenAI that supercharges vulnerability detection and patching with cutting-edge AI, helping organizations stay one step ahead of attackers and making the world a safer place. By combining AI intelligence with advanced code analysis, Daybreak…

https://osintsights.com/openai-unveils-daybreak-to-automate-vulnerability-detection-and-patching?utm_source=mastodon&utm_medium=social

#VulnerabilityDetection #Patching #ArtificialIntelligence #Cybersecurity #AutomatedThreatResponse

OpenAI Unveils Daybreak to Automate Vulnerability Detection and Patching

Discover Daybreak, OpenAI's AI-powered tool that automates vulnerability detection and patching, and learn how to request access to protect your organization - read now and stay secure.

OSINTSights
Hacker NewsMay 8

Non-determinism is an issue with patching CVEs

https://flox.dev/blog/achieving-rapid-cve-remediation-in-an-era-of-escalating-vulnerabilities/

#HackerNews #Non-determinism #CVEs #patching #vulnerabilities #security #software #development

Flox | Achieving CVE Remediation in an Era of Escalating Vulnerabilities

AI is accelerating the rate of CVE discovery. Learn how Flox and Nix transform package vulnerability triage from repeated artifact scans into quick, queryable dependency-graph analysis.

Flox
CVEDatabase.comMay 7
Security Tip: Can't patch a production system immediately? Consider virtual patching. 🛡️ By deploying WAF rules, IPS signatures, or runtime protection, you can mitigate specific CVE exploits at the network or host level. This buys your team the time needed to test and deploy official vendor patches without leaving the door wide open. Research the latest vulnerabilities and mitigation strategies at https://cvedatabase.com #InfoSec #CyberSecurity #CVE #Patching
CVEDatabase.com - Search & Analyze CVE Vulnerabilities

Search and analyze CVE vulnerabilities with instant access to CVSS scores, affected products, and AI-powered remediation guidance.

CVEDatabase.com