Dirty Frag 漏洞曝光,影响所有主流 Linux 发行版

2026年5月7日,安全研究领域迎来了一次重大的震荡,安全研究员 Hyunwoo Kim 披露了一种名为“Dirty Frag” 的新型Linux ...
The Free Press Journal

New 'Copy Fail' Flaw In Linux Kernel Lets Any Local User Seize Root Access: Here's How To ...

Tracked as CVE-2026-31431 with a CVSS score of 7.8, Copy Fail was uncovered and named by researchers at Xint.io and Theori. The flaw allows an unprivileged local user to write four controlled bytes ...
The Hacker News

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The high-severity vulnerability tracked as ...
LinuxInsider

Weaponized Python and Linux Malware Target Executives and Cloud Systems

Two newly uncovered malware campaigns are exploiting open-source software across Windows and Linux environments to target enterprise executives and cloud systems, signaling a sharp escalation in both ...
IEEE

Malicious Shellcode Detection with Virtual Memory Snapshots

Abstract: Malicious shellcodes are segments of binary code disguised as normal input data. Such shellcodes can be injected into a target process's virtual memory. They overwrite the process's return ...
CSOonline

XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics

In a newly disclosed multi-stage threat campaign, attackers were seen skipping disk and leaning on in-memory tricks to deliver the XWorm remote access trojan (RAT). According to Forcepoint Labs’ ...
The Hacker News

FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux

Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The ...
GitHub

linux-shellcode

Payload Generator & Encoder is a Python tool that generates a custom payload to establish a network connection via a socket (using a specified IP and port) and encodes it in various formats (Base64, ...
Bleeping Computer

BootKitty UEFI malware exploits LogoFAIL to infect Linux systems

Update added below about this bootkit being created by students in Korea's Best of the Best (BoB) cybersecurity training program. The recently uncovered 'Bootkitty' Linux UEFI bootkit exploits the ...
Dark Reading

'Bootkitty' First Bootloader to Take Aim at Linux

Researchers have spotted what they believe is the first ever malware capable of infecting the boot process of Linux systems. "Bootkitty" is proof-of-concept code that students in Korea developed for a ...
IEEE

Catch Me if You Can! Transparent Detection of Shellcode

Abstract: Shellcodes are malicious code fragments which are usually executed after exploitation of particular vulnerability. Such shellcodes can be packed within a binary in a form of payload and ...