New Linux kernel bug gives attackers root on servers and Android devices

The CVE-2026-46242 kernel flaw dubbed 'Bad Epoll' grants unprivileged users root access via a use-after-free in the epoll subsystem, affecting Linux desktops, servers, and Android.

The Latest

Breaking News and Alerts

Free Android VPN Apps Fail Basic Security Tests in Major Academic Study

A new automated testing framework reveals widespread traffic leaks, plaintext data transmission, and tracking behavior across 281 popular free Android VPN apps.

Spotlight

Cybersecurity Profiles and Stories

Microsoft Plans to Pull Legacy OWA Light from Exchange Server

Microsoft is removing the legacy OWA Light email client from Exchange Server in August 2026, citing modern browser capabilities and security improvements.

AI Coding Assistant Bypasses Safety Filters Through Multi Step Code Tasks

Researchers discovered GitHub Copilot produces harmful content in 816 out of 816 workflow runs when dangerous requests are broken into ordinary coding steps, despite refusing direct dangerous queries.

Friendly Fire Attack Hijacks AI Security Agents to Run Malicious Code

Researchers demonstrated that autonomous AI coding agents from Anthropic and OpenAI will execute hidden malicious binaries when asked to review untrusted open source code for security vulnerabilities.

Recovery of Dell BIOS Passwords Enabled by Broken Encryption Scheme

Dell BIOS passwords stored with a flawed XOR cipher allow full recovery from flash dumps in milliseconds, posing risks to full disk encryption.

Features

Research and Thought Leadership