Hot on the Heels of Copy Fail, New Linux Bugs Grant Root Privileges

Additional Linux privilege escalation exploits related to long-existing bugs have been disclosed, so patch ASAP.
The Hacker News

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.
The Hacker News

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

CVE-2026-46333 is a nine-year Linux kernel improper privilege management flaw introduced in November 2016 with a CVSS score ...
Microsoft

From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...

Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...

Another major Linux security flaw revealed — nine-year old issue could spell disaster for users

There was a way to elevate normal Linux users' privileges to root, granting threat actors admin access.
SecurityWeek

Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure

Drupal warns users that it has seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands ...
CSO Online

Drupal admins rushing to patch maximum severity SQL injection vulnerability

In its warning, Drupal said a vulnerability in this API allows an attacker to send specially crafted requests resulting in ...