More results...
The Fedora Project released Fedora Linux 44, delivering updated desktop environments, revised installer behavior, and several lower-level system changes across its editions and spins. The release covers the project’s flagship editions, including …
SimpleX Chat is a free, private, open-source messenger that uses encryption and does not require user identifiers. It is available on mobile and desktop platforms, including iOS, Android, Windows, macOS, and Linux. After downloading the app, the user c…
Security experts have found a high-severity flaw named Pack2TheRoot in PackageKit that allows hackers to gain full root access on multiple Linux distributions.
CISA and NCSC warn that FIRESTARTER, a Linux-based backdoor, targets Cisco Firepower devices, evades patches, and enables persistent access even after firmware updates.
Stratis is a tool for configuring pools and filesystems with enhanced storage functionality within the existing Linux storage management stack. It focuses on a command-line interface, an API, and an automated approach to storage management. It builds o…
As Linux continues to dominate high-performance computing, cloud services, and Internet of Things (IoT) devices, it has become a prime target for cybercriminals. However, while much research has focused on manipulating Windows executables to bypass sec…
A race condition in PackageKit allows unprivileged users to escalate privileges when installing packages.
The post Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access appeared first on SecurityWeek.
Regardless of the operating system you use, managing secrets, apps, cloud, compliance, and security operations can be overwhelming. The free, open-source tools presented in this article can help you detect threats, increase visibility, enforce controls…
Recently, I completed the “Sorcery” machine on Hack The Box (Insane difficulty), which provided a deep, multi-layered challenge combining modern web exploitation, internal pivoting, and complex privilege escalation.
The attack began with reconnaissance…
‘Pack2TheRoot’ flaw lets local Linux users gain root via PackageKit. CVE-2026-41651 (8.8) has existed for nearly 12 years. The Pack2TheRoot flaw, tracked as CVE-2026-41651, lets unprivileged users install or remove system packages without authorization, potentially gaining full root access. The vulnerability is rated high severity, CVSS score of 8.8, and has existed for nearly 12 […]