Hackaday [Unofficial]16h ago

This Week in Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, and Backdoored Tools

https://fed.brid.gy/r/https://hackaday.com/2026/05/08/this-week-in-security-another-linux-exploit-ubuntu-knocked-offline-finals-interrupted-and-backdoored-tools/

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and …

Hackaday
1315h ago
This Week in Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, and Backdoored Tools https://hackaday.com/2026/05/08/this-week-in-security-another-linux-exploit-ubuntu-knocked-offline-finals-interrupted-and-backdoored-tools/
#HackadayColumns #SecurityHacks #Cisa #Copyfail #Cpanel #Daemontools #Ddos #Dirtyfrag #Edge #Oracle #Shinyhunters #Tetra #ThisWeekinSecurity #Ubuntu
This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and …

Hackaday
13May 1
This Week in Security: State Malware, State Hardware Bans, and Stuxnet before Stuxnet was Cool https://hackaday.com/2026/05/01/this-week-in-security-state-malware-state-hardware-bans-and-stuxnet-before-stuxnet-was-cool/
#HackadayColumns #SecurityHacks #Copyfail #Cpanel #Github #Malware #Ransomware #Routers #Security #Stuxnet #Twis #Venezuela #Wiper
This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local privi…

Hackaday
Hackaday [Unofficial]Apr 24

How Anthropic’s Model Context Protocol Allows for Easy Remote Execution

https://fed.brid.gy/r/https://hackaday.com/2026/04/24/how-anthropics-model-context-protocol-allows-for-easy-remote-execution/

Hackaday [Unofficial]Apr 24

This Week in Security: Annoyed Researchers, Dangling DNS, and Hacks that Could Have Been Worse

https://fed.brid.gy/r/https://hackaday.com/2026/04/24/this-week-in-security-annoyed-researchers-dangling-dns-and-hacks-that-could-have-been-worse/

This Week In Security: Annoyed Researchers, Dangling DNS, And Hacks That Could Have Been Worse

The author of the BlueHammer exploit, which was released earlier this month and addressed in the last Patch Tuesday, continues to be annoyed with the responses from the Microsoft security research …

Hackaday
13Apr 24
This Week in Security: Annoyed Researchers, Dangling DNS, and Hacks that Could Have Been Worse https://hackaday.com/2026/04/24/this-week-in-security-annoyed-researchers-dangling-dns-and-hacks-that-could-have-been-worse/
#HackadayColumns #SecurityHacks #3com #Bitwarden #Bluehammer #Dns #Ios #Linux #Mythos #Nextcloud #Security #Signal #Srilanka #Supplychain #ThisWeekinSecurity
This Week In Security: Annoyed Researchers, Dangling DNS, And Hacks That Could Have Been Worse

The author of the BlueHammer exploit, which was released earlier this month and addressed in the last Patch Tuesday, continues to be annoyed with the responses from the Microsoft security research …

Hackaday
13Apr 24
How Anthropic’s Model Context Protocol Allows for Easy Remote Execution https://hackaday.com/2026/04/24/how-anthropics-model-context-protocol-allows-for-easy-remote-execution/
#ArtificialIntelligence #SecurityHacks #Artificalintelligence #Codesecurity
How Anthropic’s Model Context Protocol Allows For Easy Remote Execution

As part of the effort to push Large Language Model (LLM) ‘AI’ into more and more places, Anthropic’s Model Context Protocol (MCP) has been adopted as the standard to connect LLMs …

Hackaday
13Apr 24
Encrypting Encrypted Traffic To Get Around VPN Bans https://hackaday.com/2026/04/23/encrypting-encrypted-traffic-to-get-around-vpn-bans/
#NetworkHacks #SecurityHacks #Anonymity #Censorship #Shadowsocks #Vpn
Encrypting Encrypted Traffic To Get Around VPN Bans

VPNs, Virtual Private Networks, aren’t just a good idea to keep your data secure: for millions of people living under restrictive regimes they’re the only way to ensure full access to t…

Hackaday
Hackaday [Unofficial]Apr 17

This Week in Security: Docker Auth, Windows Tools, and a Very Full Patch Tuesday

https://fed.brid.gy/r/https://hackaday.com/2026/04/17/this-week-in-security-docker-auth-windows-tools-and-a-very-full-patch-tuesday/

This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday

CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the 202…

Hackaday
13Apr 17
This Week in Security: Docker Auth, Windows Tools, and a Very Full Patch Tuesday https://hackaday.com/2026/04/17/this-week-in-security-docker-auth-windows-tools-and-a-very-full-patch-tuesday/
#HackadayColumns #SecurityHacks #Docker #Malware #Microsoft #Nist #Openssl #Rockstar #Security #Xorg #Xwayland
This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday

CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the 202…

Hackaday