The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Security Boulevard

Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...
Cybernews

One tiny exploit gives full Linux access: all kernels since 2017 are vulnerable

The critical "Copy Fail" bug (CVE-2026-31431) affects all Linux kernels since 2017, allowing unprivileged local users to gain ...

The most severe Linux threat to surface in years catches the world flat-footed

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of ...
The Hacker News

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

CVE-2026-31431 CVSS 7.8 flaw since 2017 enables root via 732-byte exploit, impacting major Linux distributions.

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
CSO Online

‘Trivial’ exploit can give attackers root access to Linux kernel

Experts say until the distros release patches, CSOs have to beware of unauthorized privilege escalation; Kubernetes container ...
OSTechNix

Copy Fail: The 732-Byte Script That Roots Every Major Linux Systems

Copy Fail (CVE-2026-31431) is a severe logic flaw in the Linux kernel affecting every distribution since 2017. Patch your ...