干货福利，第一时间送达！ 最近有小伙伴说没有收到当天的文章推送，这是因为微信更改了推送机制，导致没有星标公众号的小伙伴刷不到当天推送的文章，无法接收到一些比较实用的知识和资讯。所以建议大家加个星标⭐️，以后就能第一时间收到推送了。

ZDNET key takeaways Logging in as the root user should never be done on Linux.Using the root account could lead to ...

IT之家 11 月 1 日消息，科技媒体 bleepingcomputer 昨日（10 月 31 日）发布博文，报道称有证据表明，有勒索软件团伙利用潜伏长达十年的 Linux 内核高危权限提升漏洞， 获取最高 root 权限，进而完全接管设备、窃取数据。

The power to grab root privileges is the ultimate evil in Unix and Linux systems. Kevin Backhouse, a member of the GitHub Security Lab, found the polkit security hole in the course of his duties. He ...

近日，Qualys的研究人员发现了一种新的Linux漏洞名为“Looney Tunables”，追踪编号为CVE-2023-4911，利用该漏洞，研究人员已经成功获得了Fedora、Ubuntu和Debian等主流发行版系统的完全root权限，而其他发行版也可能会受到该漏洞的影响··· 近日，Qualys的研究人员发现 ...

Qualys威胁研究部门（TRU）近日披露了两个相互关联的权限提升漏洞——CVE-2025-6018与CVE-2025-6019。攻击者通过组合利用PAM（可 ...

Ubuntu Linux内核曝出高危漏洞，本地攻击者可利用该漏洞提升权限，最终在受影响系统上获取root访问权限。该漏洞在TyphoonPWN ...

Android, Debian and Ubuntu users are still at risk. A high-severity cache invalidation bug in the Linux kernel has been uncovered, which could allow an attacker to gain root privileges on the targeted ...

A vulnerability in the Linux sudo command has been discovered that could allow unprivileged users to execute commands as root. Thankfully, this vulnerability only works in non-standard configurations ...

Security researcher Sebastian Krahmer has recently discovered that a previously known security flaw in the systemd project can be used for more than crashing a Linux distro but also to grant local ...

美国网络安全和基础设施安全局（CISA）发布紧急警报，指出Linux内核中存在一个严重的释放后重用漏洞（CVE-2024-1086）。该漏洞潜伏在netfilter:nf_tables组件中，可使本地攻击者提升权限并可能部署勒索软件，对全球企业系统造成严重破坏。