Technology

Microsoft issues emergency update for macOS and Linux ASP.NET threat

Source

Ars Technica

Published

Apr 22, 2026

TL;DR

AI Generated

Microsoft has issued an emergency update for its ASP.NET Core to address a critical vulnerability (CVE-2026-40372) affecting versions 10.0.0 through 10.0.6 of the Microsoft.AspNetCore.DataProtection NuGet package on macOS and Linux. The flaw allows unauthenticated attackers to gain SYSTEM privileges by forging authentication payloads during the HMAC validation process. Even after patching, devices may still be at risk if forged credentials created by threat actors are not removed. ASP.NET Core is a high-performance web development framework for creating .Net apps on various platforms, including Windows, macOS, Linux, and Docker.

Read Full Article

Canonical under sustained DDoS attack as Ubuntu 26 releases — Iranian group 313 Team claims responsibility

Canonical, the company behind Ubuntu Linux, is facing a Distributed Denial of Service (DDoS) attack claimed by the Iranian group 313 Team. The attack has affected Canonical's infrastructure, causing slowdowns and outages on Ubuntu download and update mirrors, the main website, Launchpad, Snap store, and other services. Despite the attack coinciding with the release of Ubuntu 26 LTS, there have been no reported security compromises on package repositories or ISO images. Users are advised to access Ubuntu downloads from alternative non-Canonical sources during this period.

Tom's Hardware•

19 hours ago

Ubuntu infrastructure has been down for more than a day

Ubuntu and Canonical servers have been down for over a day due to a sustained, cross-border attack, hindering communication and updates for users. While attempts to access their webpages have failed, updates from mirror sites are still functioning. A group linked to the Iranian government has claimed responsibility for the outage, using a DDoS attack. This incident highlights the ongoing challenge of cyber attacks on tech infrastructure.

Ars Technica•

19 hours ago

Linux exploit instantly grants administrator access on most distributions since 2017 — cryptography optimization snafu grants root privileges to local users

A recent Linux exploit, CVE-2026-31431, allows local unprivileged users to gain root access instantly on most Linux distributions since 2017. The exploit affects popular distros like Ubuntu, RHEL, Suse, and Amazon Linux, as well as Windows' WSL2. The vulnerability, discovered by Xint Code researchers, involves a cryptography optimization flaw that grants administrator privileges through a devious attack on the AF_ALG socket. While a patch has been released, some distributions may still be vulnerable, requiring mitigation methods like disabling AF_ALG sockets. The exploit occurs in memory without leaving detectable traces on disk, making it challenging to detect with security software.

Tom's Hardware•

1 day ago

The most severe Linux threat to surface in years catches the world flat-footed

A critical Linux vulnerability, named CopyFail (CVE-2026-31431), has been disclosed by security researchers, allowing unprivileged users to gain root access across various Linux distributions. The exploit code, released by Theori, works universally without modification, posing a significant threat to data centers and personal devices. While the Linux kernel security team patched the vulnerability in several versions, many distributions had not yet implemented the fixes at the time of the exploit's release. This flaw enables attackers to execute malicious activities like hacking multi-tenant systems and creating backdoors, emphasizing the severity of the issue.