New Linux 'Dirty Frag' zero-day gives root on all major distros

A new Linux zero-day vulnerability, named Dirty Frag, allows local attackers to gain root privileges on most major Linux ...
Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...
The Hacker News

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Dirty Frag exposes Linux systems to root escalation through chained kernel flaws, impacting Ubuntu, RHEL, Fedora, and others.

Ex-Trump Official Sounds Alarm on ‘Doomsday’ Plan White House Can Exploit

The former official offered a chilling warning of what President Donald Trump could do if he enacts a secret catalog of Cold ...
Microsoft

Active attack: Dirty Frag Linux vulnerability expands post-compromise risk

Dirty Frag is a newly disclosed Linux local privilege escalation vulnerability affecting kernel networking and ...

Kelp DAO exploit prompts DeFi protocols to rethink oracle providers

Decentralized finance protocols are reevaluating their blockchain oracle providers’ security after the fallout from the $293 ...
Morning Overview on MSN

Apple’s ‘Coruna’ and ‘DarkSword’ exploit kits are actively targeting iPhones running iOS 13 through 18.7

If you own an iPhone and have been putting off software updates, the window for complacency just closed. A government ...
CSO Online

Claude in Chrome is taking orders from the wrong extensions

Security researchers warn that Anthropic’s Claude in Chrome extension can be abused by malicious extensions that exploit ...
Trinidad and Tobago Express

Gangs exploit gaps in policing

THE triple murder in Belmont yesterday is a reminder that law enforcement agencies 'cannot let their guard down' despite ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

CISA gives feds four days to patch Ivanti flaw exploited as zero-day

CISA has given U.S. federal agencies four days to secure their networks against a high-severity vulnerability in Ivanti ...

Intruder CEO Chris Wallis to Discuss AI and the Future of Pentesting at KB4-CON 2026

Intruder, a leader in exposure management, today announced that its founder and CEO, Chris Wallis, will be a featured speaker at KB4-CON 2026 on May 13. Wallis will headline the session titled AI, ...