The Hacker News

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

CVE-2026-31431 CVSS 7.8 flaw since 2017 enables root via 732-byte exploit, impacting major Linux distributions.
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Dark Reading

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...

The things we’re building

For the last couple of weeks, I’ve been asking you to share the things you’ve been making recently. Apps, games, albums, ...

Severe Linux Copy Fail security flaw uncovered using AI scanning help

Copy Fail was identified by Theori’s researchers with assistance from their Xint Code AI tool. According to a blog post, ...

The Prompt Engineering Cheat Sheet: How to Write Better AI Prompts

Learn prompt engineering with this practical cheat sheet that covers frameworks, techniques, and tips for producing more ...

"Copy Fail": Linux root in all major distributions with 732 bytes of Python

The discoverers have named the root vulnerability "Copy Fail". All major distributions since 2017 are affected.

New 'Copy Fail' Flaw In Linux Kernel Lets Any Local User Seize Root Access: Here's How To Fix It

The flaw allows an unprivileged local user to write four controlled bytes into the page cache of any readable file on a Linux ...
Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...
SecurityWeek

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...

Anthropic’s Claude can now work directly inside Photoshop, Blender, and Autodesk Fusion

Creative professionals can now directly command tools like Photoshop and Blender using plain language, thanks to Anthropic's ...
The Manufacturer

The AI-powered R&D department: how agentic AI is supercharging engineering velocity

Industrial R&D teams sit on a goldmine of testing and operational data. But until now, unlocking that data required costly, ...