
Never-before-seen Linux malware is “far more advanced than typical”

Source: Ars Technica

TL;DR (AI generated)

Researchers have identified a new Linux malware framework called VoidLink, featuring over 30 modules that offer advanced capabilities for attackers, including stealth, reconnaissance, privilege escalation, and lateral movement within networks. VoidLink is designed to target machines in popular cloud services like AWS, GCP, Azure, Alibaba, and Tencent, with plans to expand to other services. This sophisticated malware indicates a shift in attackers' focus towards Linux systems, cloud infrastructure, and application deployment environments, posing a significant threat to organizations. Check Point researchers describe VoidLink as a comprehensive ecosystem for maintaining long-term access to compromised Linux systems, emphasizing the need for heightened defense measures against such advanced threats.


Similar Articles

Linux exploit instantly grants administrator access on most distributions since 2017 — cryptography optimization snafu grants root privileges to local users


A recent Linux exploit, CVE-2026-31431, allows local unprivileged users to gain root access instantly on most Linux distributions since 2017. The exploit affects popular distros like Ubuntu, RHEL, SUSE, and Amazon Linux, as well as Windows' WSL2. The vulnerability, discovered by Xint Code researchers, involves a cryptography optimization flaw that grants administrator privileges through a devious attack on the AF_ALG socket. While a patch has been released, some distributions may still be vulnerable, requiring mitigation methods like disabling AF_ALG sockets. The exploit occurs in memory without leaving detectable traces on disk, making it challenging to detect with security software.

Tom's Hardware
Microsoft brings a Linux-style window trick to Windows 11 via PowerToys, and I can’t go back


Microsoft's PowerToys introduces new features Grab And Move and Power Display in its latest v0.99 release for Windows 11, enhancing window management and display settings. Grab And Move allows users to move and resize windows from any part of the window, similar to Linux desktop environments. Power Display provides a convenient interface to control display settings like brightness and volume across multiple monitors. These features streamline tasks that should have been default in Windows, showcasing Microsoft's focus on improving core OS functionalities. Additionally, Command Palette Dock now offers a compact mode for better screen real estate utilization.

Windows Latest
The most severe Linux threat to surface in years catches the world flat-footed


A critical Linux vulnerability, named CopyFail (CVE-2026-31431), has been disclosed by security researchers, allowing unprivileged users to gain root access across various Linux distributions. The exploit code, released by Theori, works universally without modification, posing a significant threat to data centers and personal devices. While the Linux kernel security team patched the vulnerability in several versions, many distributions had not yet implemented the fixes at the time of the exploit's release. This flaw enables attackers to execute malicious activities like hacking multi-tenant systems and creating backdoors, emphasizing the severity of the issue.

Ars Technica
PS5 Linux loader goes public, turning ‘Phat’ consoles into full Linux PCs — build script includes bootable Ubuntu 24.04 image, can output 4K games at 60 FPS


Security engineer Andy Nguyen, also known as TheFlow, has released ps5-linux on GitHub, a toolchain for booting Linux on PlayStation 5 Phat consoles running specific firmware versions. The project includes a Linux payload, a build script for a bootable Ubuntu 24.04 image, tools for SSD installation, and a fan/CPU/GPU control utility. The PS5 can run as a Linux desktop with access to CPU and GPU boost clocks, outputting video and audio at up to 4K 60Hz. This soft mod requires re-running the exploit each time to boot into Linux and offers an affordable alternative for Linux gamers.

Tom's Hardware
