On the server and on the desktop, these apps helped showcase what Linux can do.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and Linux.

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access trojan to potentially millions of developer environments during a three-hour ...

archinstall 4.0 replaces the curses interface with Textual, adds firewall and UKI support, and fundamentally modernizes the internal architecture.

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

A newly developed bioinformatics tool, MPGK, integrates Mendelian randomization, polygenic risk score, Gene Ontology, and the ...

Rowhammer attacks have been around since 2014, and mitigations are in place in most modern systems, but the team at gddr6.fail has found ways to apply the attack to current-generation GPUs.

Microsoft plans major WSL improvements in Windows 11 2026, with faster file performance, better networking, and easier setup ...

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...