What Are You Looking To Secure Today?
Advisories
Ubuntu Exim Security Advisory 8382-1 CVE-2023-51766 CVE-2026-40685
Several security issues were fixed in Exim.
Debian Ceph Critical Privilege Escalation DoS Info Disclosure DSA-6321-1
Multiple vulnerabilities were discovered in Ceph, a distributed storage and file system, which may result in privilege escalation, denial of service or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed ...
SUSE Linux 12 Multi-Linux Manager Vital DoS Security Patch 2026-2241-1
An update that solves one vulnerability, contains one feature and has seven security fixes can now be installed.
SUSE Multi-Linux Manager Significant Security Update 2026-2242-1
An update that solves three vulnerabilities, contains one feature and has six security fixes can now be installed.
SUSE Multi-Linux Manager Client Tools Important Security Update 2026-2243-1
An update that solves 17 vulnerabilities, contains two features and has eight security fixes can now be installed.
Debian Ceph Critical Privilege Escalation DoS Info Disclosure DSA-6321-1
Multiple vulnerabilities were discovered in Ceph, a distributed storage and file system, which may result in privilege escalation, denial of service or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed ...
Debian Oldstable php-twig Vulnerabilities for PHP Code Injection DSA-6320-1
Multiple security vulnerabilities were discovered in Twig, a template engine for PHP, which could result in PHP code injection, sandbox bypass or cross-site scripting. For the oldstable distribution (bookworm), these problems have been fixed in versi...
Debian yelp Important Information Disclosure Sandbox Escape DSA-6319-1
A vulnerability was discovered in yelp, the GNOME help browser, that allows a crafted help document to read files accessible to the user and exfiltrate them to a remote server through resources loaded by the embedded web view. When yelp is launched f...
Debian Trixie gst-plugins-good1.0 Critical DoS Code Exec DSA-6318-1
Multiple multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened. For ...
Debian Symfony Important SQL Injection Denial Of Service Vuln DSA-6317-1
Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a bypass of security controls, cross-site scripting, denial of service, SQL injection, email header injection, information disclosure or code execution via PHP ...
Join Our Community
Join our community and get the latest security insights delivered to you.
Featured Articles
Why Linux Rootkits Still Matter in Cloud and VMware Environments
Linux rootkits are old, but they never really disappeared. They just stopped attracting the same...
SSH Key Sprawl on Linux Unmanaged Access Threats and Cleanup Guide
A production Linux server gets rebuilt from an old image. A contractor leaves. A CI/CD job is...
Get expert insights in the realm of Linux Security
Subscribe to Linux Security Newsletters
GitHub Actions Compromise CI/CD Supply Chain Risks Explored
For years, most software supply chain attacks focused on malicious dependencies and vulnerable...
LinuxSecurity.com Major Update for Improved Threat Discovery and Research
LinuxSecurity.com has been part of the Linux and open-source security community since the late...
Linux Privilege Escalation Patterns and Mitigation Strategies
Linux privilege escalation starts once an attacker gets a foothold on a machine. Maybe it is a...
Get expert insights in the realm of Linux Security
Subscribe to Linux Security Newsletters
Latest Linux Security News
VPN Strategies for Linux Developers Managing Mobile Security Risks
Misuse of Cron Jobs for Long-Term Access in Linux Environments
Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it c...
Risks of GitHub Repo Breach on Linux Supply Chain Security
A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security.
Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for yea...
Trending News
HOWTOs
How to Detect Unauthorized SSH Keys on Linux Systems
Most of the time, nobody notices. SSH authentication succeeds, no alerts are generated, and the connection looks exactly the way it did the day the key was installed. That's part of the problem.
Linux IDS vs IPS: Operational Differences and Deployment Tradeoffs
The wrong IPS rule can look like a security fix right up until it becomes an outage.
How To Understand Failed Authentication Patterns in Linux Logs
Exposed SSH servers are continuously hammered by brute-force attacks, password spraying, credential stuffing, and recycled passwords from infostealer dumps. Attackers rotate usernames, test weak credentials, and probe for anything that gives them ini...
How to Respond After Detecting a Compromised Linux Server
The first 30 minutes after discovering a compromised Linux server usually decide how much evidence remains available.
One rushed reboot or cleanup attempt can wipe logs, terminate malicious processes, or remove network activity that investigators st...
How to Diagnose Suspicious Outbound Connections on Linux Servers
When a Linux server initiates an unauthorized outbound connection to an unknown IP address, it rarely triggers an immediate system failure. Instead, the server continues running normally, and the connection is usually only discovered during a routine...
Community Poll
What got you started with Linux?
Debian Ceph Critical Privilege Escalation DoS Info Disclosure DSA-6321-1
Multiple vulnerabilities were discovered in Ceph, a distributed storage and file system, which may result in privilege escalation, denial of service or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed ...
Debian Oldstable php-twig Vulnerabilities for PHP Code Injection DSA-6320-1
Multiple security vulnerabilities were discovered in Twig, a template engine for PHP, which could result in PHP code injection, sandbox bypass or cross-site scripting. For the oldstable distribution (bookworm), these problems have been fixed in versi...
Debian yelp Important Information Disclosure Sandbox Escape DSA-6319-1
A vulnerability was discovered in yelp, the GNOME help browser, that allows a crafted help document to read files accessible to the user and exfiltrate them to a remote server through resources loaded by the embedded web view. When yelp is launched f...
Debian Trixie gst-plugins-good1.0 Critical DoS Code Exec DSA-6318-1
Multiple multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened. For ...
Debian Symfony Important SQL Injection Denial Of Service Vuln DSA-6317-1
Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a bypass of security controls, cross-site scripting, denial of service, SQL injection, email header injection, information disclosure or code execution via PHP ...
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!