GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal organizations for sale on a cybercrime forum. "While we currently have no evidence of impact to customer...

MAL-2026-4581 Malicious code in idlidosa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c6cba2c58d95d705af7dc5bb1c630129127835fb1ef15d4ccf43ec2818bf632 The package is purpose-built tooling to defeat exam-proctoring / lockdown software, with multiple installer-machine integrity harms triggered when th...

Astra Linux - уязвимость в chromium

The use of “after free” in Blink Task Scheduling in Google Chrome before version 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mmc: vub300: fix warning – do not call blocking ops when !TASKRUNNING vub300enablesdioirq works with a mutex and requires TASKRUNNING. Ensure that we mark the current context as TASKRUNNING for sleepable contexts. 77.554641 Do...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “hungtask”: fixed warnings caused by unaligned lock pointers. The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned so that their lower bits can be used for type encoding. However, as reported by...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: s390: Fixed a double-free of GS and RI CBs upon a fork failure. The pointers for guarded storage and runtime instrumentation control blocks are stored in the threadstruct of the associated task. These pointers are initially...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fixed task leakage in pm8001sendabortall In pm8001sendabortall, ensure that the allocated SAS task is freed if pm8001tagalloc or pm8001mpibuildcmd fails...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iavf: Remove the “crit lock” mechanism Removing the “crit lock” mechanism frees us from the error-prone logic of using trylocks. Thanks to netdevlock by Jakub, this is now easier, and in most cases we were already protected by it...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Protection against accessing NULL pt regs in bpfgettaskstack The taskptregs function can return NULL on the powerpc architecture for kernel threads. This NULL value is then used in bpfgetstack to check for the user mode...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: w1: fixed the warning that appeared after calling w1process. I received the following warning message while removing the driver ds2482: ------------ cut here ------------ Do not call blocking operations when the !TASKRUNNING;...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copyseccomp to the no-failure path. Our syzbot instance reported memory leaks in doseccomp, similar to the reports 1. This indicates that we are failing to properly free the struct seccompfilter and some objects...

Astra Linux - уязвимость в linux-5.10

A race condition was detected in the fs/proc/taskmmu.c file, which is part of the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privileges to cause a denial of service...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iouring: Now waits for request completions upon exit. When the ring exits, cleanup is performed, and the final cancelations and waits for completions are handled by ioringexitwork. This function is invoked by kworker, which does...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is counted as a MMCID user before it becomes visible in the process’ thread list and the global task list. This creates the following problem: CPU1 CPU2...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: The handling of vfork/CLONEVM functions must be corrected properly. Matthieu and Jiri reported a situation where a task repeatedly loops in mmgetcid during scheduling. It turned out that the logic for handling tasks...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fixed a use-after-free issue related to aborted TMF sastask. Currently, a use-after-free might occur if the TMF sastask is aborted before we handle the I/O completion in mpisspcompletion. This abort occurs due to a...

PT-2026-42364

Vikunja has iCalendar Property Injection via CRLF in CalDAV Task Output in code.vikunja.io/api. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerabilit...

Linux Distros Unpatched Vulnerability : CVE-2026-43417

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Handle vfork/CLONEVM correctly Matthieu and Jiri reported stalls where a task...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021563)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021563 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smpexecutetasksg When executing SMP task failed, the...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021532)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021532 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASKRUNNING vub300enablesdioirq works...