CVE-2026-46333 — 'ssh-keysign-pwn': SSH key theft and root credentials via ptrace race condition
A 9-year-old flaw in the Linux kernel's __ptrace_may_access() function allows an unprivileged local user to read SSH host private keys and the /etc/shadow password database. CVSS 5.5, public exploits available. Patches available.

CVE-2026-46300 — 'Fragnesia': critical privilege escalation in ESP-in-TCP
A new Linux kernel vulnerability in the XFRM ESP-in-TCP subsystem bypasses the Dirty Frag patch and allows privilege escalation to root. CVSS 7.8. Patches available.

What an hour of downtime really costs an SMB
Server down, network cut, business application unavailable — the cost of one hour of downtime almost always exceeds what managers estimate. And most outages last far longer than an hour.

Ransomware: what makes the difference in the 72 hours after an attack?
When ransomware hits, recovery doesn't depend on the antivirus you had installed — it depends on the backup you tested. Here's what actually happens in the first 72 hours.

CVE-2026-43284 & CVE-2026-43500 — 'Dirty Frag': dual privilege escalation in the Linux kernel
Two chained vulnerabilities in the ESP/IPsec and RxRPC subsystems of the Linux kernel allow an unprivileged local user to obtain root. CVSS 7.8, active exploitation confirmed. Patches being deployed.

CVE-2026-31431 — Critical privilege escalation in the Linux kernel
A vulnerability in the Linux kernel's algif_aead module allows an unprivileged user to obtain root. CVSS 7.8, active exploitation confirmed. Patch available.