Security researchers at Nebusec have disclosed **GhostLock**, a stack use-after-free (UAF) vulnerability present in every Linux distribution for approximately 15 years. Full technical details are in [
Researchers at Nebula Security have disclosed [GhostLock (CVE-2026-43499)](https://thehackernews.com/2026/07/15-year-old-ghostlock-flaw-enables-root.html), a privilege-escalation vulnerability that ha
A newly disclosed Linux kernel vulnerability dubbed **Januscape** allows an attacker inside a virtual machine to escape that VM boundary and execute arbitrary code directly on the host system. Accordi
GNU Guix has [disclosed vulnerabilities](https://guix.gnu.org/blog/2026/guix-substitute-pull-vulnerabilities/) affecting two of its most critical operations: `guix substitute`, which fetches pre-built
Security researchers have disclosed **CVE-2026-46242**, nicknamed "Bad Epoll" — a local privilege escalation (LPE) flaw in the Linux kernel's `epoll` subsystem. The vulnerability allows any unprivileg
A public, working exploit for **CVE-2026-46331** — nicknamed "pedit COW" — is already in the wild. Any local unprivileged user on a vulnerable Linux system can use it to gain root. If you run Linux se
A Linux kernel privilege escalation flaw tracked as **CVE-2026-43503** (CVSS 8.8) — dubbed **DirtyClone** — now has a fully working public exploit as of June 25. This is an immediate patching emergenc
Geopolitics collided with AI governance yesterday as fears about Chinese access to Anthropic's most capable model drove U.S. export restrictions — and immediately drew scrutiny from Brussels over what
Security researchers have published a [detailed, working exploit](https://thehackernews.com/2026/06/one-character-linux-kernel-flaw-enables.html) for **CVE-2026-23111**, a use-after-free vulnerability
A newly disclosed local privilege escalation (LPE) vulnerability, dubbed **CIFSwitch**, has been found in the Linux kernel. [BleepingComputer reports](https://www.bleepingcomputer.com/news/security/ne