SecLens 情报中心

社区情报

来自安全社区、研究机构和开源生态的情报。

Linux Security Monitoring Challenges and EDR Visibility Gaps

发布时间 2026-05-14 19:51 (UTC+08:00) 抓取时间 2026-05-15 07:30 (UTC+08:00)

An attacker compromises a Linux container, launches a cryptominer, sets up a way to stay in the system through a background task, and disappears before the investigation even begins. By the time analysts start looking at the logs, the workload has shut down, and the container no longer exists.
扩展字段
```
{
  "categories": [
    "features",
    "linux-container-visibility-blind-spots",
    "Linux",
    "Linux Security",
    "Security"
  ],
  "guid": "https://linuxsecurity.com/root/features/linux-container-visibility-blind-spots",
  "guid_attributes": {
    "isPermaLink": "true"
  }
}
```
LinuxSecurity Hybrid category:features category:linux category:linux-container-visibility-blind-spots category:linux security category:security security-news
Linux Kernel Fragnesia Critical Privilege Escalation CVE-2026-46300

发布时间 2026-05-14 19:32 (UTC+08:00) 抓取时间 2026-05-15 02:35 (UTC+08:00)

Linux administrators are once again dealing with a familiar problem: a local Linux foothold that can potentially become full root access.
扩展字段
```
{
  "categories": [
    "features",
    "fragnesia-linux-privilege-escalation",
    "Linux",
    "Linux Security",
    "Security"
  ],
  "guid": "https://linuxsecurity.com/root/features/fragnesia-linux-privilege-escalation",
  "guid_attributes": {
    "isPermaLink": "true"
  }
}
```
LinuxSecurity Hybrid category:features category:fragnesia-linux-privilege-escalation category:linux category:linux security category:security security-news
RubyGems Attack Highlights Open Source Supply Chain Risks for Linux Teams

发布时间 2026-05-14 16:02 (UTC+08:00) 抓取时间 2026-05-14 20:30 (UTC+08:00)

RubyGems temporarily suspended new account registrations this week after threat actors pushed hundreds of malicious packages into the Ruby package ecosystem. At first glance, that may sound like a Ruby-specific problem. It is not.
扩展字段
```
{
  "categories": [
    "features",
    "rubygems-attack-linux-supply-chain-risk",
    "Linux",
    "Linux Security",
    "Security"
  ],
  "guid": "https://linuxsecurity.com/root/features/rubygems-attack-linux-supply-chain-risk",
  "guid_attributes": {
    "isPermaLink": "true"
  }
}
```
LinuxSecurity Hybrid category:features category:linux category:linux security category:rubygems-attack-linux-supply-chain-risk category:security security-news
Why CI/CD Pipelines Became Targets in Software Supply Chain Attacks

发布时间 2026-05-14 16:01 (UTC+08:00) 抓取时间 2026-05-14 20:30 (UTC+08:00)

For years, software security discussions centered on vulnerable code. A bug inside an application could expose a workstation, production server, or cloud workload, so most supply chain conversations focused on malicious packages, outdated dependencies, and exploitable libraries buried somewhere inside the stack. That is no longer the main problem.
扩展字段
```
{
  "categories": [
    "features",
    "supply-chain-attacks-ci-cd-security",
    "Linux",
    "Linux Security",
    "Security"
  ],
  "guid": "https://linuxsecurity.com/root/features/supply-chain-attacks-ci-cd-security",
  "guid_attributes": {
    "isPermaLink": "true"
  }
}
```
LinuxSecurity Hybrid category:features category:linux category:linux security category:security category:supply-chain-attacks-ci-cd-security security-news
Why Red Hats krb5 Update Matters for Linux and Windows Authentication

发布时间 2026-05-14 15:40 (UTC+08:00) 抓取时间 2026-05-14 21:30 (UTC+08:00)

Red Hat released an Important krb5 security update for Red Hat Enterprise Linux 8 this week, addressing two vulnerabilities tracked as CVE-2026-40355 and CVE-2026-40356. On paper, it looks like another Linux package advisory.
扩展字段
```
{
  "categories": [
    "features",
    "red-hat-krb5-security-update",
    "Linux",
    "Linux Security",
    "Security"
  ],
  "guid": "https://linuxsecurity.com/root/features/red-hat-krb5-security-update",
  "guid_attributes": {
    "isPermaLink": "true"
  }
}
```
LinuxSecurity Hybrid category:features category:linux category:linux security category:red-hat-krb5-security-update category:security security-news
Mageia 9 perl-XML-LibXML High Buffer Overflow Vulnerability MGASA-2026-0137

发布时间 2026-05-14 12:44 (UTC+08:00) 抓取时间 2026-05-14 20:30 (UTC+08:00)

MGASA-2026-0137 - Updated perl-XML-LibXML packages fix security vulnerability
扩展字段
```
{
  "categories": [
    "mageia",
    "mageia-2026-0137-perl-xml-libxml",
    "Linux",
    "Linux Security",
    "Security"
  ],
  "guid": "https://linuxsecurity.com/advisories/mageia/mageia-2026-0137-perl-xml-libxml",
  "guid_attributes": {
    "isPermaLink": "true"
  }
}
```
LinuxSecurity Hybrid category:linux category:linux security category:mageia category:mageia-2026-0137-perl-xml-libxml category:security security-news
Mageia 9 perl-Net-CIDR-Lite Severe IP ACL Bypass Vulnerability 2026-0136

发布时间 2026-05-14 12:44 (UTC+08:00) 抓取时间 2026-05-14 20:30 (UTC+08:00)

MGASA-2026-0136 - Updated perl-Net-CIDR-Lite packages fix security vulnerabilities
扩展字段
```
{
  "categories": [
    "mageia",
    "mageia-2026-0136-perl-net-cidr-lite",
    "Linux",
    "Linux Security",
    "Security"
  ],
  "guid": "https://linuxsecurity.com/advisories/mageia/mageia-2026-0136-perl-net-cidr-lite",
  "guid_attributes": {
    "isPermaLink": "true"
  }
}
```
LinuxSecurity Hybrid category:linux category:linux security category:mageia category:mageia-2026-0136-perl-net-cidr-lite category:security security-news
Mageia 9 dnsmasq Moderate Denial of Service and Buffer Overflow Alert

发布时间 2026-05-14 12:44 (UTC+08:00) 抓取时间 2026-05-14 20:30 (UTC+08:00)

MGASA-2026-0135 - Updated dnsmasq packages fix security vulnerabilities
扩展字段
```
{
  "categories": [
    "mageia",
    "mageia-2026-0135-dnsmasq",
    "Linux",
    "Linux Security",
    "Security"
  ],
  "guid": "https://linuxsecurity.com/advisories/mageia/mageia-2026-0135-dnsmasq",
  "guid_attributes": {
    "isPermaLink": "true"
  }
}
```
LinuxSecurity Hybrid category:linux category:linux security category:mageia category:mageia-2026-0135-dnsmasq category:security security-news

全部来源 Cloudflare 博客腾讯云安全公告 Adobe 安全公告阿里云 AVD Ubuntu 安全通告启明星辰安全通告 Amazon Linux AL2 公告 Amazon Linux AL2023 公告 AWS 安全公告 MSRC 更新指南 Oracle 安全警报 Apple 安全更新 Chrome 稳定版更新 Red Hat 安全公告 Atlassian 安全公告 NVIDIA 安全公告华为安全公告联想安全公告阿里云 Linux 安全公告阿里云 Linux CVE 通知阿里云安全公告 Amazon Linux 1 (EOL)安全公告 Amazon Linux 安全公告长亭漏洞库 Seebug 漏洞库 CISA KEV Catalog 微步银狐情报微步银狐 IOC Ransomware.live 近期受害者工信部 CNVDB CNNVD 通报 CNNVD 漏洞库 CNVD 漏洞库 FreeBuf 社区 TC260 标准征求意见 Seebug 技术 Paper GitHub Advisory HackerOne 博客 Exploit-DB 安天每日安全简讯 LinuxSecurity Hybrid VulDB 地方采购（CCGP）中央采购（CCGP） The Hacker News 嘶吼安全资讯 Doonsec 微信聚合 arXiv cs.CR VIPRead 信息安全知识库 RSA Conference Podcast 会议与培训融资快讯并购整合情报快报事件通报工具更新产品发布

社区情报

订阅来源 RSS