谁能想到，天天依赖、号称最稳的Linux内核，藏了个潜伏9年的致命漏洞，仅凭732字节的Python脚本，就能一键拿下系统最高root权限，Ubuntu、RHEL、SUSE这些主流发行版全中招，堪称Linux安全圈的“王炸级翻车现场”！ 熟悉Linux安全的朋友都知道，以往的内核提权漏洞全是“麻烦精”：要么需要复杂的竞态条件、要么得严格匹配内核版本、还要编译专用攻击载荷，稍有差池就会失败，门槛高到 ...

CISA Flags Linux Copy Fail Flaw On Watch List, Crypto Infra At Risk. A new Linux vulnerability dubbed“Copy Fail” could impact ...

Trivially Exploitable, Impacts Crypto Infrastructure. Security researchers have highlighted a Linux vulnerability nicknamed Copy Fail that could impact a broad swath of open-source distributions ...

A North Korean hacking group is targeting crypto workers with a Python-based malware disguised as part of a fake job application process, researchers at Cisco Talos said earlier this week. Most ...

A new Python-based remote access Trojan (RAT) known as PylangGhost is being deployed in cyber campaigns attributed to the North Korean-aligned group Famous Chollima. According to research from Cisco ...

Over 450 malicious PyPI python packages were found installing malicious browser extensions to hijack cryptocurrency transactions made through browser-based crypto wallets and websites. This discovery ...

A threat actor has been delivering a "relentless campaign" since early April to seed the software supply chain with hundreds of malicious Python packages aimed at stealing sensitive data and ...

A malicious Python Package Index (PyPI) package, dubbed “aiocpa” and engineered to steal cryptocurrency wallet data, has been uncovered by security researchers. The package posed as a legitimate ...