Two New Linux Root Exploits, Amazon Q Vulnerability and SharkLoader Malware

THN Daily Updates Webinar ➞ Source Code, Contracts, PII--Oh My: How to Stop Leaks to ChatGPT Learn how to identify, monitor, and stop data leaks to AI tools like ChatGPT. Discover practical methods to gain real-time visibility, enforce controls, and prevent sensitive data exposure at the source. Download Now Sponsored LATEST NEWS Jun 27, 2026 FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now coax targets into handing over their Signal Backup Recovery... Read More New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromised hosts. Kaspersk... Read More The missing link between your IT and HR strategy IT and HR decisions don't happen in silos anymore. This toolkit—built with AWS—gives IT leaders the frameworks, checklists, and integration guidance needed to align with HR and drive workforce infrastructure that actually scales. Free download. Read More Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks aimed at government entities and critical infrastructure in Southeast Asia. Th... Read More New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed "pedit COW," is an out-of-bounds write in the packet-editing action (act... Read More Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the r... Read More CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) ... Read More New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough for the flaw on June 25, the first public demonstration for this v... Read More Webinar ➞ Source Code, Contracts, PII--Oh My: How to Stop Leaks to ChatGPT Learn how to identify, monitor, and stop data leaks to AI tools like ChatGPT. Discover practical methods to gain real-time visibility, enforce controls, and prevent sensitive data exposure at the source. Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi