All CosmicBytez Labs articles tagged #Linux, across news, security advisories, how-to guides, and projects.
Microsoft announced Coreutils for Windows at Build 2026, bringing widely used Linux command-line utilities — ls, grep, cat, awk, and more — to Windows as native applications without requiring WSL or third-party tools.
Use SQL to query your endpoints like a database. Deploy osquery across Linux and Windows hosts to surface process trees, network connections, user activity, and persistence mechanisms — then build detection queries for real-world threat hunting.
A CVSS 9.0 OS command injection flaw in Samba allows remote attackers to execute arbitrary commands on file servers and domain controllers using the %u...
This week's security roundup covers Linux privilege escalation zero-days, actively exploited Windows Defender vulnerabilities, router botnets hijacking DNS.
A coordinated supply chain attack campaign has infected eight Packagist Composer packages with malicious code that downloads and executes a Linux binary...
This week's threat intelligence bulletin covers Linux rootkit campaigns, an actively exploited router zero-day, AI-assisted intrusions, new scam kit...
On day two of Pwn2Own Berlin 2026, competitors demonstrated 15 unique zero-day vulnerabilities and collected $385,750 in awards, successfully exploiting...
A critical vulnerability in certain configurations of the Exim open-source mail transfer agent allows unauthenticated remote attackers to execute...
Install and configure CrowdSec on Linux to detect and block attacks using crowdsourced threat intelligence, custom scenarios, and iptables/nftables bouncers.
A newly discovered Linux implant called Quasar Linux RAT (QLNX) is silently targeting software developers to harvest credentials, log keystrokes, and...
The official website for JDownloader, one of the most widely-used open-source download managers, was compromised to distribute malicious Windows and Linux...
A new unpatched Linux zero-day exploit dubbed 'Dirty Frag' allows local attackers to gain root privileges on virtually all major Linux distributions with...
A critical command injection flaw in electerm's Linux installer allows remote attackers to execute arbitrary shell commands by injecting into unsanitized...
The U.S. Cybersecurity and Infrastructure Security Agency has added CVE-2026-31431, a Linux kernel privilege escalation flaw enabling root access, to its...
The emerging Vect 2.0 ransomware — deployed against TeamPCP supply chain attack victims — permanently destroys files larger than 131KB due to a critical...
Threat hunters warn that VECT 2.0 ransomware contains a critical flaw in its encryption implementation that acts more like a wiper for files over 131KB...
A newly disclosed vulnerability in the PackageKit daemon, dubbed Pack2TheRoot, allows local Linux users to escalate privileges to root by abusing the...
A bypass of the CVE-2024-27297 patch in the Nix package manager allows attackers to follow symlinks during fixed-output derivation builds, enabling...
Microsoft Defender researchers have documented a stealthy PHP web shell technique that uses HTTP cookies as a covert command-and-control channel on Linux...
Build a self-hosted WireGuard VPN server on Ubuntu for secure remote access — with NAT masquerading, DNS leak protection, QR-code client provisioning, and...
Deploy Suricata as a full-featured Network Intrusion Detection and Prevention System on Ubuntu. Covers installation, interface capture, Emerging Threats...
Deploy CrowdSec on a Linux server to get community-powered intrusion prevention — block brute-force attacks, credential stuffing, and vulnerability...
Researchers have disclosed a critical unauthenticated remote code execution vulnerability in the GNU InetUtils telnet daemon (telnetd). CVE-2026-32746...
Security researchers discover a new Linux botnet named SSHStalker that leverages the legacy IRC protocol for C2 operations, marking a return to old-school...
Comprehensive checklist for hardening Linux and Windows servers before production deployment. Covers OS configuration, network security, access controls,...
Researchers uncover VoidLink, an 88,000-line Zig-based malware framework built with AI assistance that targets AWS, Azure, GCP, and Kubernetes environments.
Secure your SSH servers with essential hardening techniques including key-based authentication, fail2ban configuration, and advanced security measures.
Comprehensive guide to hardening Linux servers covering user management, service configuration, kernel security, and ongoing maintenance for production systems.