Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
41 articles

#Linux

All CosmicBytez Labs articles tagged #Linux, across news, security advisories, how-to guides, and projects.

  • HOWTOJul 6, 2026

    Fail2ban: Automated Brute Force Protection for Linux Servers

    Deploy Fail2ban to automatically ban IPs hammering your SSH and web services. Covers installation, jail configuration, custom filters, and monitoring...

  • NewsJul 4, 2026

    New 'Bad Epoll' Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

    A use-after-free bug in the Linux kernel's epoll subsystem — CVE-2026-46242 — lets any local user escalate to root on Linux 6.4+ with ~99% reliability. A...

  • NewsJul 2, 2026

    AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android

    Researchers have uncovered a novel malware artifact generated using DeepSeek that weaponizes the Chromium File System Access API to encrypt files entirely...

  • NewsJun 29, 2026

    Critical SimpleHelp Flaw Exploited to Deploy Djinn Infostealer

    Hackers are actively exploiting CVE-2026-48558 in SimpleHelp remote support software to deploy Djinn Stealer, a previously undocumented cross-platform...

  • NewsJun 29, 2026

    Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer

    Attackers poisoned at least 18 npm and Go packages with a novel technique: hiding malware in .vscode/tasks.json auto-run tasks, bypassing npm v12's...

  • HOWTOJun 29, 2026

    Linux auditd: Kernel-Level Security Monitoring and Compliance Logging

    Deploy and tune the Linux Audit Framework (auditd) to capture privileged operations, file access, and authentication events — building a tamper-resistant...

  • NewsJun 28, 2026

    Linux Foundation Unveils New Open Source Security Project Akrites

    The Linux Foundation has launched Akrites, a new open source security initiative designed to give the community standardized tools and channels to report,...

  • HOWTOJun 15, 2026

    Docker Security Hardening: Locking Down Container Environments

    A practical, step-by-step guide to hardening Docker deployments — from non-root users and read-only filesystems to capability drops, resource limits, and...

  • SecurityJun 14, 2026

    CVE-2026-54420: LiteSpeed cPanel Plugin Symlink Escape on Shared Hosting

    A high-severity symlink vulnerability in the LiteSpeed cPanel plugin (CVSS 8.5) allows users with FTP or web shell access to escape CloudLinux/CageFS...

  • NewsJun 13, 2026

    China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade

    Sygnia researchers uncovered Velvet Ant, a China-nexus APT that spent close to a decade hidden inside Linux authentication infrastructure by backdooring...

  • SecurityJun 13, 2026

    CVE-2026-12183: Critical Auth Bypass in Gas Station Automation System

    A CVSS 9.8 authentication bypass in Nefteprodukttekhnika's BUK TS-G Gas Station Automation System allows any unauthenticated attacker to gain full...

  • SecurityJun 3, 2026

    CVE-2022-0492: Linux Kernel Improper Authentication Vulnerability

    A Linux kernel vulnerability in the cgroups v1 release_agent feature allows local attackers to escalate privileges and escape containers. Added to CISA KEV…

  • NewsJun 2, 2026

    Microsoft's Coreutils Project Brings Linux Commands to Windows

    Microsoft announced Coreutils for Windows at Build 2026, bringing widely used Linux command-line utilities — ls, grep, cat, awk, and more — to Windows as…

  • HOWTOJun 1, 2026

    Osquery Endpoint Visibility & Threat Hunting

    Use SQL to query your endpoints like a database. Deploy osquery across Linux and Windows hosts to surface process trees, network connections, user activity…

  • SecurityMay 29, 2026

    CVE-2026-4408: Samba OS Command Injection via Check Password Script

    A CVSS 9.0 OS command injection flaw in Samba allows remote attackers to execute arbitrary commands on file servers and domain controllers using the %u...

  • NewsMay 25, 2026

    Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets

    This week's security roundup covers Linux privilege escalation zero-days, actively exploited Windows Defender vulnerabilities, router botnets hijacking DNS.

  • NewsMay 23, 2026

    Packagist Supply Chain Attack Infects 8 Packages Using

    A coordinated supply chain attack campaign has infected eight Packagist Composer packages with malicious code that downloads and executes a Linux binary...

  • NewsMay 22, 2026

    ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI

    This week's threat intelligence bulletin covers Linux rootkit campaigns, an actively exploited router zero-day, AI-assisted intrusions, new scam kit...

  • NewsMay 15, 2026

    Microsoft Exchange, Windows 11 Hacked on Second Day of Pwn2Own

    On day two of Pwn2Own Berlin 2026, competitors demonstrated 15 unique zero-day vulnerabilities and collected $385,750 in awards, successfully exploiting...

  • NewsMay 13, 2026

    New Critical Exim Mailer Flaw Allows Remote Code Execution

    A critical vulnerability in certain configurations of the Exim open-source mail transfer agent allows unauthenticated remote attackers to execute...

  • HOWTOMay 11, 2026

    CrowdSec: Deploy a Community-Powered Intrusion Prevention System

    Install and configure CrowdSec on Linux to detect and block attacks using crowdsourced threat intelligence, custom scenarios, and iptables/nftables bouncers.

  • NewsMay 10, 2026

    Quasar Linux RAT Steals Developer Credentials for Software

    A newly discovered Linux implant called Quasar Linux RAT (QLNX) is silently targeting software developers to harvest credentials, log keystrokes, and...

  • NewsMay 9, 2026

    JDownloader Site Hacked to Replace Installers with Python

    The official website for JDownloader, one of the most widely-used open-source download managers, was compromised to distribute malicious Windows and Linux...

  • NewsMay 9, 2026

    New Linux 'Dirty Frag' Zero-Day Gives Root on All Major

    A new unpatched Linux zero-day exploit dubbed 'Dirty Frag' allows local attackers to gain root privileges on virtually all major Linux distributions with...

  • SecurityMay 8, 2026

    CVE-2026-41501: electerm Linux Command Injection via Install Script

    A critical command injection flaw in electerm's Linux installer allows remote attackers to execute arbitrary shell commands by injecting into unsanitized...

  • NewsMay 3, 2026

    CISA Adds Actively Exploited Linux Root Access Bug

    The U.S. Cybersecurity and Infrastructure Security Agency has added CVE-2026-31431, a Linux kernel privilege escalation flaw enabling root access, to its...

  • NewsApr 29, 2026

    Vect 2.0 Ransomware Acts as Wiper Thanks to Design Error

    The emerging Vect 2.0 ransomware — deployed against TeamPCP supply chain attack victims — permanently destroys files larger than 131KB due to a critical...

  • NewsApr 29, 2026

    VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB

    Threat hunters warn that VECT 2.0 ransomware contains a critical flaw in its encryption implementation that acts more like a wiper for files over 131KB...

  • NewsApr 26, 2026

    New 'Pack2TheRoot' Flaw Gives Hackers Root Linux Access

    A newly disclosed vulnerability in the PackageKit daemon, dubbed Pack2TheRoot, allows local Linux users to escalate privileges to root by abusing the...

  • SecurityApr 9, 2026

    CVE-2026-39860: Nix Symlink Attack Allows Root File

    A bypass of the CVE-2024-27297 patch in the Nix package manager allows attackers to follow symlinks during fixed-output derivation builds, enabling...

  • NewsApr 4, 2026

    Microsoft Details Cookie-Controlled PHP Web Shells

    Microsoft Defender researchers have documented a stealthy PHP web shell technique that uses HTTP cookies as a covert command-and-control channel on Linux...

  • ProjectApr 1, 2026

    WireGuard Road Warrior VPN Server

    Build a self-hosted WireGuard VPN server on Ubuntu for secure remote access — with NAT masquerading, DNS leak protection, QR-code client provisioning, and...

  • HOWTOMar 30, 2026

    Suricata IDS/IPS Deployment: From Install to Active Threat

    Deploy Suricata as a full-featured Network Intrusion Detection and Prevention System on Ubuntu. Covers installation, interface capture, Emerging Threats...

  • ProjectMar 27, 2026

    Build a Collaborative IPS with CrowdSec

    Deploy CrowdSec on a Linux server to get community-powered intrusion prevention — block brute-force attacks, credential stuffing, and vulnerability...

  • NewsMar 18, 2026

    Critical Unpatched GNU Telnetd Flaw (CVE-2026-32746)

    Researchers have disclosed a critical unauthenticated remote code execution vulnerability in the GNU InetUtils telnet daemon (telnetd). CVE-2026-32746...

  • NewsFeb 11, 2026

    SSHStalker Linux Botnet Uses IRC Protocol for Command and Control

    Security researchers discover a new Linux botnet named SSHStalker that leverages the legacy IRC protocol for C2 operations, marking a return to old-school...

  • ChecklistFeb 10, 2026

    Server Hardening Security Checklist

    Comprehensive checklist for hardening Linux and Windows servers before production deployment. Covers OS configuration, network security, access controls,...

  • NewsFeb 9, 2026

    VoidLink: AI-Generated Cloud-Native Malware Framework

    Researchers uncover VoidLink, an 88,000-line Zig-based malware framework built with AI assistance that targets AWS, Azure, GCP, and Kubernetes environments.

  • HOWTOJan 28, 2026

    SSH Hardening Best Practices

    Secure your SSH servers with essential hardening techniques including key-based authentication, fail2ban configuration, and advanced security measures.

  • HOWTOJan 28, 2026

    WireGuard VPN Setup and Security Hardening on Linux

    Deploy a hardened WireGuard VPN server on Linux — key generation, server and client config, firewall rules, and security best practices for production use.

  • HOWTOJan 26, 2026

    Linux Server Hardening: Complete Security Checklist

    Comprehensive guide to hardening Linux servers covering user management, service configuration, kernel security, and ongoing maintenance for production systems.