InfoQ - Security Vulnerabilities - News https://www.infoq.com InfoQ Security Vulnerabilities News feed Copy Fail and Dirty Frag: Linux Page-Cache Exploits Target Every Major Distribution https://www.infoq.com/news/2026/05/copy-fail-dirty-frag-linux/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Security+Vulnerabilities-news <img src="https://res.infoq.com/news/2026/05/copy-fail-dirty-frag-linux/en/headerimage/generatedHeaderImage-1778536323907.jpg"/><p>Two recent Linux kernel vulnerabilities have been disclosed: Copy Fail (CVE-2026-31431) on April 29, 2026, and Dirty Frag (CVE-2026-43284 and CVE-2026-43500) on May 7, 2026. Both allow local users to gain root access, affecting multiple Linux distributions. These vulnerabilities exploit flaws in the page cache via different subsystems, necessitating immediate patching by affected organizations.</p> <i>By Matt Saunders</i> Linux Security Vulnerabilities DevOps news Tue, 12 May 2026 08:00:00 GMT https://www.infoq.com/news/2026/05/copy-fail-dirty-frag-linux/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Security+Vulnerabilities-news Matt Saunders 2026-05-12T08:00:00Z /news/2026/05/copy-fail-dirty-frag-linux/en Attacker Bought 30 WordPress Plugins on Flippa and Backdoored All of Them https://www.infoq.com/news/2026/05/wordpress-plugins-supply-chain/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Security+Vulnerabilities-news <img src="https://res.infoq.com/news/2026/05/wordpress-plugins-supply-chain/en/headerimage/generatedHeaderImage-1777874069748.jpg"/><p>An attacker purchased 30+ WordPress plugins on Flippa for six figures, planted a PHP deserialization backdoor in the first commit, and waited eight months before activating it across 400,000 installations. The attack used Ethereum smart contracts to resolve C2. WordPress.org has no mechanism for reviewing plugin ownership transfers, a gap that npm and PyPI addressed years ago.</p> <i>By Steef-Jan Wiggers</i> Software Supply Chain Application Security Dependency Management Security Vulnerabilities Development Architecture & Design news Wed, 06 May 2026 10:00:00 GMT https://www.infoq.com/news/2026/05/wordpress-plugins-supply-chain/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Security+Vulnerabilities-news Steef-Jan Wiggers 2026-05-06T10:00:00Z /news/2026/05/wordpress-plugins-supply-chain/en Cloudflare Processes 10M+ Daily Insights with New Security Overview Dashboard https://www.infoq.com/news/2026/05/cloudflare-security-dashboard/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Security+Vulnerabilities-news <img src="https://res.infoq.com/news/2026/05/cloudflare-security-dashboard/en/headerimage/cloudflaredashboard-1776822044625.jpeg"/><p>Cloudflare has launched a Security Overview dashboard that consolidates security signals into prioritized action items. It surfaces millions of daily insights, helping teams identify and remediate critical risks faster. Built on distributed checkers and real-time event processing, it integrates analytics workflows to reduce investigation overhead and improve response efficiency.</p> <i>By Leela Kumili</i> Threat detection Security Observability Incident Response Real Time Threats Security Assessment Cloudflare Security Vulnerabilities AI, ML & Data Engineering Development Architecture & Design news Mon, 04 May 2026 14:33:00 GMT https://www.infoq.com/news/2026/05/cloudflare-security-dashboard/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Security+Vulnerabilities-news Leela Kumili 2026-05-04T14:33:00Z /news/2026/05/cloudflare-security-dashboard/en