Searching We.Love.Privacy.Club

Twts matching #security

Kernel prepatch 7.1-rc4
The 7.1-rc4 kernel prepatch is out for
testing.

Some of the documentation updates might be worth highlighting: the
continued flood of AI reports has basically made the security list
almost entirely unmanageable, with enormous duplication due to
different people finding the same things with the same
tools. People spend all their time just forwarding things to the
right people or saying “that was already fixed a week/month ago”
and pointing to the public … ⌘ Read more

Microsoft Exchange Server Vulnerability Actively Exploited, in a Bad Week for Microsoft
Forbes describes it as “definitely already out there, and under active exploitation according to the U.S. Cybersecurity and Infrastructure Security Agency, urging all organizations to prioritize timely remediation as the attack vector poses a significant risk.”

“We have issued CVE-2026-42897 to address … ⌘ Read more

The UK Finally Starts Reforming Its ‘Computer Misuse Act’
Computer Weekly reports on “the long-awaited reform of Britain’s outdated Computer Misuse Act of 1990 — which has hamstrung the work of the nation’s cyber security professionals and researchers for years.”

The Computer Misuse Act was passed 35 years ago in response to a high-profile hacking incident involving no less than the King’s father, the late Duke of Edi … ⌘ Read more

Anthropic’s Mythos Helped Build a Working macOS Exploit in Five Days
“The vulnerability is simple in practice,” writes Tom’s Hardware: “run a command as a standard user and gain root (administrator) access to the machine.”

And it was Mythos Preview that helped the security researchers at Palo Alto-based Calif bypass a five-year Apple security effort in just five days. The blog 9to5Mac reports:

Last year, … ⌘ Read more

Debian 13.5 Released To Ship The Latest Linux Security Fixes
Debian 13.5 is out today as the newest point release to Debian Trixie for incorporating all of the latest security fixes affecting the Linux kernel and dozens of user-space packages… ⌘ Read more

Longtime Leading AMD Linux GPU Driver Developer Now Working For Valve
It seems that Valve isn’t done expanding their open-source Linux graphics driver team and securing top talent for enhancing the Linux GPU drivers for a better gaming experience. One of the foremost leading Mesa developers has left AMD to join Valve… ⌘ Read more

Linux Kernel Outlines What Qualifies As A Security Bug, Responsible AI Use
The Linux 7.1 kernel has added new documentation clarifying what qualifies as a security bug and how AI-assisted vulnerability reports should be handled. Phoronix reports: Stemming from the recent influx of security bugs to the Linux kernel as well as an uptick in bug and security reports from discoveries made in full or in pa … ⌘ Read more

Cybercriminal Twins Caught After They Forgot to Turn Off Microsoft Teams Recording
Plus: Instructure’s Canvas ransomware debacle comes to a close, an alleged dark net market kingpin gets arrested, OpenAI workers fall victim to a supply chain attack, and more. ⌘ Read more

Linux Kernel Adds Documentation For What Qualifies As A Security Bug, Responsible AI Use
Merged today for the Linux 7.1 kernel is some new documentation surrounding what qualifies as a security bug as well as around responsible use of AI for finding kernel bugs… ⌘ Read more

Linux 7.0.8 Released & LTS Kernels Updated For ssh-keysign-pwn
Following yesterday’s disclosure of the ssh-keysign-pwn vulnerability that allows unprivileged users to read root-owned files, a slew of new stable kernel releases are out today to address this latest Linux security issue… ⌘ Read more

Security updates for Friday
Security updates have been issued by Debian (ffmpeg, gsasl, nodejs, postgresql-15, postgresql-17, python3.9, and thunderbird), Fedora (expat, firefox, freerdp, GitPython, kernel, php, rust-podman-sequoia, rust-rpm-sequoia, rust-sequoia-chameleon-gnupg, rust-sequoia-git, rust-sequoia-keystore-server, rust-sequoia-octopus-librnp, rust-sequoia-openpgp, rust-sequoia-sop, rust-sequoia-sq, and rust-sequoia-sqv), Mageia (awstats, libreoffice, perl-HTTP-Tiny, and tomcat), Oracle (corosync, freerdp, … ⌘ Read more

Rocky Linux Launches Optional Security Repository To Get Important Fixes Sooner
In response to the likes of the Dirty Frag and Fragnesia vulnerabilities, Rocky Linux is introducing an optional security repository for shipping important security updates sooner… ⌘ Read more

Security updates for Thursday
Security updates have been issued by AlmaLinux (gimp, jq, and yggdrasil), Debian (nghttp2 and thunderbird), Fedora (chromium, firefox, freerdp, GitPython, kernel, kernel-headers, krb5, nano, nix, nodejs20, php, python-click, python-django5, SDL2_image, and xen), Mageia (dnsmasq, flatpak, kernel, kmod-virtualbox, kernel-linus, perl-Net-CIDR-Lite, perl-XML-LibXML, and redis), SUSE (dnsmasq, firefox, jupyter-jupyterlab, kernel, krb5, libvinylapi3, log4j, Mesa, mozjs60, NetworkManager, O … ⌘ Read more

Linux’s KVM With CET Virtualization Is Causing Some Hosts To Hang
Introduced to the Linux kernel last year was Control-flow Enforcement Technology “CET” virtualization for modern AMD and Intel CPUs. This complements CET that has existed in Linux for quite some time but it’s new now to the KVM virtualization world, but some yet to be diagnosed problems are causing some hosts to hang when making use of this virtualization security feature… ⌘ Read more

[$] LWN.net Weekly Edition for May 14, 2026
Inside this week’s LWN.net Weekly Edition:

  • Front: Fedora AI; Forgejo “carrot” disclosure; memory-management maintainership; huge THPs; mshare; 64KB base pages; DAMON; direct map.

  • Briefs: Dirty Frag; Fragnesia; Mythos and curl; killswitch; Debian reproducible builds; KDE investment; Quotes …

  • Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more

Linux Driver Posted For Intel Silicon Security Engine Interface “ISSEI”
Since Intel Meteor Lake, there has been the Intel Silicon Security Engine to serve as a silicon root-of-trust for secure firmware loading, boot measurements, and similar functionality. This Intel Silicon Security Engine has been built on with Lunar Lake and Panther Lake and is set to take on more importance with future Intel hardware platforms. We are now seeing a Linux driver come for this silicon RoT with the Intel Silicon Security Engine Inte … ⌘ Read more

KDE Receives $1.4 Million Investment From Sovereign Tech Fund
The German Sovereign Tech Fund has invested 1.2 million euros ($1.4 million USD) in KDE Plasma technologies to help strengthen the structural reliability and security of the desktop environment’s core infrastructure, including Plasma, KDE Linux, and the frameworks underlying its communication services. Longtime Slashdot reader jrepin shares an excerpt fro … ⌘ Read more

Yet another Dirty Frag type vulnerability: Fragnesia
Sam James has sent an announcement
to the OSS Security mailing list about another
local-privilege-escalation (LPE) exploit in the same class as Dirty Frag, called
“Fragnesia”. From the disclosure:

This is a separate bug in the ESP/XFRM from dirtyfrag which has received its own patch. However, it is in the same surface … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by AlmaLinux (corosync, freerdp, git-lfs, glib2, jq, kernel-rt, krb5, libpng, libtiff, openexr, and thunderbird), Debian (exim4), Mageia (apache, perl-Gazelle, php, and sed), Slackware (expat), SUSE (assimp-devel, go1.26, libQt6Svg6, python-jupyterlab, raylib, thunderbird, tor, and trivy), and Ubuntu (exim4). ⌘ Read more

Sovereign Tech Fund invests in KDE
The KDE project has announced
that it has been awarded over €1 million from the Sovereign Tech Fund
to improve its desktop-environment software. “The investment will be
used to strengthen the structural reliability and security of KDE’s core
infrastructure, including Plasma, KDE Linux, and the frameworks underlying
its communication services.” ⌘ Read more

AMD & Intel Roll Out New Linux Updates For Today’s Patch Tuesday
Today’s Patch Tuesday is a busier one than normal for the quarter. Both AMD and Intel have rolled out new updates for Linux customers among other security disclosures today. Thankfully though the vulnerabilities don’t appear to be too widespread or impactful… ⌘ Read more

FCC Says Foreign-Made Routers Can Get Updates Until 2029
The FCC has softened its ban on foreign-made consumer routers, allowing vendors to keep issuing broader software and firmware updates for devices already in use in the U.S. through at least January 2029. Dark Reading reports: Under the original FCC ruling, foreign manufacturers were permitted to provide only limited maintenance and security patches to US custom … ⌘ Read more

Security updates for Tuesday
Security updates have been issued by AlmaLinux (freerdp, glib2, libsoup3, and openexr), Debian (dnsmasq, p7zip, p7zip-rar, python-authlib, and rails), Fedora (chromium, firefox, httpd, and nss), SUSE (java-25-openj9, krb5, libmodsecurity3, and mcphost), and Ubuntu (imagemagick, linux, linux-aws, linux-aws-fips, linux-aws-hwe, linux-azure-4.15, linux-fips, linux-gcp, linux-gcp-4.15, linux-gcp-fips, linux-hwe, linux-kvm, linux-oracle, linux-azure, linux-azure-fips, linux-oracle, linux-az … ⌘ Read more

Anthropic’s Bug-Hunting Mythos Was Greatest Marketing Stunt Ever, Says cURL Creator
cURL creator Daniel Stenberg says Anthropic’s hyped Mythos bug-hunting model found only one confirmed low-severity vulnerability in cURL, plus a few non-security bugs, after he expected a much longer list. He argues Mythos may be useful, but not meaningfully beyond other modern AI code-analysis tools. “My personal … ⌘ Read more

Google Says Hackers Used AI To Create Zero Day Security Flaw For the First Time
Google says it has seen the first evidence of cybercriminals using AI to create a zero-day vulnerability. “Google reported its findings to the unnamed firm affected by the vulnerability before releasing its report,” reports Politico. “The company then issued a patch to fix the issue.” From the report: Google Threat I … ⌘ Read more

GNOME’s Help Viewer Updated Due To Flatpak Sandbox Escape Vulnerability
GNOME’s help viewer, Yelp, last year was impacted by a serious security issue for arbitrary file reads. There’s a new vulnerability affecting the GNOME help viewer that led to the Yelp 49.1 release to address a possible Flatpak sandbox escape vector… ⌘ Read more

Security updates for Monday
Security updates have been issued by AlmaLinux (corosync, freeipmi, kernel, and kernel-rt), Debian (corosync, firefox-esr, kernel, lcms2, libpng1.6, linux-6.1, php8.2, php8.4, postorius, pyjwt, and tor), Fedora (dotnet10.0, exim, gnutls, kernel, nextcloud, nodejs22, php, proftpd, prosody, python-pulp-glue, python-requests, rclone, and SDL3_image), Mageia (firefox, nss, rootcerts, openvpn, thunderbird, and vim), Oracle (corosync, freeipmi, gstreamer1-plugins-bad-free, gstreamer1-plugins … ⌘ Read more

Open Source Registries Join Linux Foundation Working Group to Address Machine-Generated Traffic
Under the nonprofit Linux Foundation, “a new Sustaining Package Registries Working Group will seek to identify concrete funding, governance, and security practices,” reports ZDNet, “to keep code flowing as download counts grow…. Because software builds, continuous integration pipelin … ⌘ Read more

Microsoft Releases Azure Linux 3.0.20260506 With Many Security Fixes
Microsoft released Azure Linux 3.0.20260506 on Saturday in order to ship the latest security fixes affecting a wide variety of open-source software projects… ⌘ Read more

Hackable Robot Lawn Mower Unlocks a New Nightmare
Plus: Meta officially kills encrypted Instagram DMs, the Trump administration targets “violent left wing extremists,” leaked documents reveal Russia’s school for elite hackers, and more. ⌘ Read more

Thousands of Vibe-Coded Apps Expose Corporate and Personal Data On the Open Web
An anonymous reader quotes a report from Wired: Security researcher Dor Zvi and his team at the cybersecurity firm he cofounded, RedAccess, analyzed thousands of vibe-coded web applications created using the AI software development tools Lovable, Replit, Base44, and Netlify and found more than 5,000 of them that had v … ⌘ Read more

[$] Forgejo “carrot disclosure” raises security questions
An unusual, some might say hostile, approach to disclosing an alleged
remote-code-execution (RCE) flaw in the Forgejo software-collaboration platform has
sparked a multifaceted conversation. A so-called
“carrot disclosure” in April has raised questions about the
researcher’s methods of unveiling a security problem, Forgejo’s
security policies, and the project’s overall security posture. ⌘ Read more

Security updates for Friday
Security updates have been issued by AlmaLinux (libsoup and mingw-libtiff), Debian (apache2, chromium, lcms2, libreoffice, and prosody), Fedora (openssl and perl-Starman), Oracle (git-lfs, libsoup, and perl-XML-Parser), Slackware (libgpg, mozilla, and php), SUSE (389-ds, cairo, cf-cli, chromedriver, cri-tools, freeipmi, gnutls, grafana, java-11-openjdk, java-17-openjdk, jetty-minimal, libmariadbd-devel, librsvg, mesa, mozjs52, mutt, nix, opencryptoki, python-Django, python-django, p … ⌘ Read more

Dirty Frag Vulnerability Made Public Early: Root Privilege On All Distributions
One week after the Copy Fail vulnerability, a new Linux local privilege escalation bug has been made public. This time around there are no patches or CVEs yet for this “Dirty Frag” vulnerability as the embargo was broken early and thus the security researcher went ahead and published earlier than anticipated… ⌘ Read more

Dirty Frag: a zero-day universal Linux LPE
Hyunwoo Kim has announced
the Dirty Frag security flaw, a
local-privilege-escalation (LPE) vulnerability similar to the
recently disclosed Copy Fail
flaw:

Because the embargo has now been broken, no patches or CVEs exist for
these vulnerabilities. After consultation with the linux-distros@vs.openwall.org
maintainers, and at the maintainers’ re … ⌘ Read more

Microsoft Issues Warning About Linux ‘Copy Fail’ Vulnerability
joshuark shares a report from Linux Magazine: Microsoft has issued a warning that a vulnerability with a CVSS score of 7.8 has been found in the Linux kernel. The vulnerability in question is tagged CVE-2026-31431 and, according to the Cybersecurity and Infrastructure Security Agency (CISA), “This Linux Kernel Incorrect Resource Transfer Between Spheres … ⌘ Read more

Security updates for Thursday
Security updates have been issued by AlmaLinux (dovecot, fence-agents, freeipmi, git-lfs, image-builder, kernel, libsoup, osbuild-composer, and python-tornado), Debian (apache2, libdatetime-timezone-perl, lrzip, tzdata, and wireshark), Fedora (dovecot, forgejo-runner, gh, gnutls, krb5, nano, pdns, pyOpenSSL, squid, vim, and xorg-x11-server-Xwayland), Mageia (graphicsmagick, kernel-linus, krb5-appl, libexif, libtiff, nano, nginx, ntfs-3g, opam, perl-Net-CIDR-Lite, perl-Starlet, perl-Starma … ⌘ Read more

[$] LWN.net Weekly Edition for May 7, 2026
Inside this week’s LWN.net Weekly Edition:

  • Front: LLMs and security; restartable sequences and TCMalloc; Fedora and GNOME bug reports; Prolly trees; Arm on s390.

  • Briefs: NHS open source; Alpine outage; GCC 16.1; Incus 7.0 LTS; NetHack 5.0.0; PHP license; Quotes; …

  • Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more

Microsoft Edge Stores Passwords In Plaintext In RAM
Longtime Slashdot reader UnknowingFool writes: Security researcher Tom Joran Sonstebyseter Ronning has found that Microsoft Edge stores passwords in plaintext in RAM. After creating a password and storing it using Edge’s password manager, Ronning found that he could dump the RAM and recover his password which was stored in plaintext. Part of the issue is Edge loads all pas … ⌘ Read more

[$] LLM-driven security reports disrupt coordinated disclosure
Predictions that LLM tools would cause a surge in reports of security vulnerabilities
have, unquestionably, borne out. As expected, maintainers are having to wade
through more security reports than ever before; in addition, LLM tools are
disrupting traditional coordinated-disclosure practices as well. The method of Copy Fail’s disclosure, in particular, left
vendors, projects, and users scrambling. In addition, maintainers are seeing
parallel discove … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by AlmaLinux (corosync, dovecot, image-builder, python-tornado, resource-agents, and systemd), Debian (openjdk-11, openjdk-17, and pyjwt), Fedora (pdns, pyOpenSSL, and squid), Slackware (hunspell), SUSE (alloy, avahi, bubblewrap, cmctl, coredns, curl, dpkg, firefox, golang-github-prometheus-prometheus, grafana, libpng12, PackageKit, sed, and xen), and Ubuntu (docker.io-app, nghttp2, python-django, and python-mako). ⌘ Read more

White House App Is a Terrifying Security Mess
New submitter spazmonkey writes: From a hidden GPS tracker polling your location every 4.5 minutes to JavaScript loaded from a random GitHub account, no SSL certificate pinning, and an in-app browser that silently strips cookie consent dialogs and paywalls from every page you visit, the new White House app seems to have a little bit of everything. A security researcher pulled the APK a … ⌘ Read more

US Government Warns of Severe CopyFail Bug Affecting Major Versions of Linux
An anonymous reader quotes a report from TechCrunch: A severe security vulnerability affecting almost every version of the Linux operating system has caught defenders off-guard and scrambling to patch after security researchers publicly released exploit code that allows attackers to take complete control of vulnerable sys … ⌘ Read more
