#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

Vulnerability | Breaking Cybersecurity News | The Hacker News

Category — Vulnerability
New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions

New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions

Jun 19, 2025 Linux / Vulnerability
Cybersecurity researchers have uncovered two local privilege escalation (LPE) flaws that could be exploited to gain root privileges on machines running major Linux distributions. The vulnerabilities , discovered by Qualys, are listed below - CVE-2025-6018 - LPE from unprivileged to allow_active in SUSE 15's Pluggable Authentication Modules ( PAM ) CVE-2025-6019 - LPE from allow_active to root in libblockdev via the udisks daemon "These modern 'local-to-root' exploits have collapsed the gap between an ordinary logged-in user and a full system takeover," Saeed Abbasi, Senior Manager at Qualys Threat Research Unit (TRU), said . "By chaining legitimate services such as udisks loop-mounts and PAM/environment quirks, attackers who own any active GUI or SSH session can vault across polkit's allow_active trust zone and emerge as root in seconds." The cybersecurity company said CVE-2025-6018 is present in the PAM configuration of openSUSE Leap ...
CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability

CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability

Jun 18, 2025 Linux / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities ( KEV ) catalog, stating it has been actively exploited in the wild. The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership bug in the Linux kernel that could be exploited to escalate privileges on susceptible systems. It was patched in early 2023. "Linux kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel's OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount," the agency said. "This uid mapping bug allows a local user to escalate their privileges on the system." It's currently not known how the security flaw is being exploited in the wild. In a report published in May 2023, Datadog said the vulnerability...
Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication

Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication

Jun 18, 2025 Vulnerability / Data Protection
Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions. The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0. "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user," the company said in an advisory. CVE-2025-23121 impacts all earlier version 12 builds, including 12.3.1.1139. It has been addressed in version 12.3.2 (build 12.3.2.3617). Security researchers at CODE WHITE GmbH and watchTowr have been credited with discovering and reporting the vulnerability. Cybersecurity company Rapid7 noted that the update likely addresses concerns shared by CODE WHITE in late March 2025 that the patch put in place to plug a similar hole ( CVE-2025-23120 , CVSS score: 9.9) could be bypassed. Also addressed by Veeam is another flaw in the same product (CVE-2025...
cyber security

Stop Lateral Movement Now

websiteElisityIdentity Security / Microsegmentation
Download your expert's buying checklist
cyber security

Make the Most of the Security Tools You Already Have

websitePelude SecurityThreat Management
Identify critical gaps and misconfigurations in your security tools with Prelude's 14-day free trial.
LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents

LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents

Jun 17, 2025 Vulnerability / LLM Security
Cybersecurity researchers have disclosed a now-patched security flaw in LangChain's LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts. The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been codenamed AgentSmith by Noma Security. LangSmith is an observability and evaluation platform that allows users to develop, test, and monitor large language model (LLM) applications, including those built using LangChain. The service also offers what's called a LangChain Hub , which acts as a repository for all publicly listed prompts, agents, and models. "This newly identified vulnerability exploited unsuspecting users who adopt an agent containing a pre-configured malicious proxy server uploaded to 'Prompt Hub,'" researchers Sasi Levi and Gal Moyal said in a report shared with The Hacker News. "Once adopted, the malicious proxy discreetly intercepted all user communicatio...
Are Forgotten AD Service Accounts Leaving You at Risk?

Are Forgotten AD Service Accounts Leaving You at Risk?

Jun 17, 2025 Password Security / Active Directory
For many organizations, Active Directory (AD) service accounts are quiet afterthoughts, persisting in the background long after their original purpose has been forgotten. To make matters worse, these orphaned service accounts (created for legacy applications, scheduled tasks, automation scripts, or test environments) are often left active with non-expiring or stale passwords. It's no surprise that AD service accounts often evade routine security oversight. Security teams, overwhelmed by daily demands and lingering technical debt, often overlook service accounts (unlinked to individual users and rarely scrutinized) allowing them to quietly fade into the background. However, this obscurity makes them prime targets for attackers seeking stealthy ways into the network. And left unchecked, forgotten service accounts can serve as silent gateways for attack paths and lateral movement across enterprise environments. In this article, we'll examine the risks that forgotten AD service accounts...
Expert Insights Articles Videos
Cybersecurity Resources