PyFEX: Uncovering Evasive Python-Based Threats Via Resilient and Exhaustive Path Exploration

The rapid expansion of the Python ecosystem has fueled two distinct but converging threats: adversaries increasingly target the software supply chain via the Python Package Index PyPI, while also building evasive, cross-platform malicious binaries compiled from source code written in Python...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Honor the “dormant flag” from the netdev release event path. Check for the “dormant flag” of the table otherwise the netdev release event path attempts to unregister an already unregistered hook...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Do not unregister a hook when the table is dormant. When nftablesupdchain encounters an error, the hook registration needs to be rolled back. This should only be done if the hook has been registered, which wi...

Astra Linux - уязвимость в linux, linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Failure to set the “dormant flag” on the hook register. We need to set the “dormant flag” again if we fail to register the hooks. During memory pressure, hook registration can fail, resulting in a table being...

Hidden in Memory: Sleeper Memory Poisoning in LLM Agents

Large language models are increasingly augmented with persistent memory, allowing assistants to store user-specific information across sessions for personalization and continuity. This statefulness introduces a new security risk: adversarial content can corrupt what an assistant remembers and...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: rejecting new basechains after table flag updates When the “dormant” flag is toggled, hooks are disabled during the commit phase by iterating over existing and new chains in the table. The following...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005599)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005599 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject new basechain after table flag update When dormant flag is toggled,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005416)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005416 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject new basechain after table flag update When dormant flag is toggled,...

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Cybersecurity researchers have disclosed details of a new botnet operation called SSHStalker that relies on the Internet Relay Chat IRC communication protocol for command-and-control C2 purposes. "The toolset blends stealth helpers with legacy-era Linux exploitation: Alongside log cleaners...

Azure Linux 3.0 Security Update: kernel (CVE-2025-22064)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22064 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't unregister ho...

DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

The threat actor behind two malicious browser extension campaigns, ShadyPanda and GhostPoster, has been attributed to a third attack campaign codenamed DarkSpectre that has impacted 2.2 million users of Google Chrome, Microsoft Edge, and Mozilla Firefox. The activity is assessed to be the work of...

Linux Distros Unpatched Vulnerability : CVE-2024-35900

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject new basechain after table flag update When dormant flag is...

netfilter: nf_tables: don't unregister hook when table is dormant

...

A Halpha Metric for Identifying Dormant Black Holes in X-Ray Transients

Dormant black holes BHs in X-ray transients can be identified by the presence of broad Ha emission lines from quiescent accretion discs. Unfortunately, short-period cataclysmic variables CVs can also produce broad Ha lines, especially when viewed at high inclinations, and are thus a major source ...

Think Your IdP or CASB Covers Shadow IT? These 5 Risks Prove Otherwise

You don’t need a rogue employee to suffer a breach. All it takes is a free trial that someone forgot to cancel. An AI-powered note-taker quietly syncing with your Google Drive. A personal Gmail account tied to a business-critical tool. That’s shadow IT. And today, it’s not just about unsanctioned...

Sleeping Giants -- Activating Dormant Java Deserialization Gadget Chains through Stealthy Code Changes

Java deserialization gadget chains are a well-researched critical software weakness. The vast majority of known gadget chains rely on gadgets from software dependencies. Furthermore, it has been shown that small code changes in dependencies have enabled these gadget chains. This makes gadget chai...

BadMoE: Backdooring Mixture-Of-Experts LLMs Via Optimizing Routing Triggers and Infecting Dormant Experts

Mixture-of-Experts MoE have emerged as a powerful architecture for large language models LLMs, enabling efficient scaling of model capacity while maintaining manageable computational costs. The key advantage lies in their ability to route different tokens to different "expert'' networks within th...

SUSE CVE-2025-22064

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't unregister hook when table is dormant When nftablesupdchain encounters an error, hook registration needs to be rolled back. This should only be done if the hook has been registered, which won't happen...

UBUNTU-CVE-2025-22064

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't unregister hook when table is dormant When nftablesupdchain encounters an error, hook registration needs to be rolled back. This should only be done if the hook has been registered, which won't happen...

DEBIAN-CVE-2025-22064

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't unregister hook when table is dormant When nftablesupdchain encounters an error, hook registration needs to be rolled back. This should only be done if the hook has been registered, which won't happen...