Microsoft Defender Security Research recently disclosed CVE-2026-31431—nicknamed “Copy Fail”—a high‑severity local privilege escalation in the Linux kernel’s crypto subsystem that enables an unprivileged user to escalate to root. The vulnerability affects kernels released since 2017 and has broad implications for cloud and container environments because the exploit can corrupt in-memory representations of readable files (including setuid binaries) without changing the
Author: Saugata Datta
I’m an IT/DevOps professional with many years of hands-on experience across Windows, Linux, Automation, Backup and Cloud. I love building real-world automations to make infrastructure reliable, secure, and self-healing. Through this blog, I share practical learnings from enterprise projects and my home-lab experiments on Cloudflare, Self-Hosting and everything in between. Always tinkering, always improving.
Amazon Faces Months of Repairs After Drone Strikes Cripple Middle East Data Centers
Amazon Web Services says recovery from drone strikes that hit its data centers in the United Arab Emirates and Bahrain will be measured in months, leaving customers in the region facing prolonged disruption and prompting a broader rethink of investments in Middle East infrastructure. The attacks, part of a wider bout of regional hostilities, knocked core compute racks offline, triggered
Ditching PsExec – Running Interactive SYSTEM Shells Natively in PowerShell
If you’ve spent any time in Windows System Administration over the last decade, I can almost guarantee you’ve reached for PsExec at least once. Originally from Sysinternals and now officially part of Microsoft, PsExec is one of those deceptively simple tools that has quietly saved thousands of IT professionals from hours of sheer agony. A single executable, zero installation, no
Cloudflare makes post‑quantum IPsec generally available
For years, the internet’s move to post‑quantum cryptography focused first on TLS, but site‑to‑site networking has lagged behind. Today Cloudflare is announcing general availability of post‑quantum encryption for Cloudflare IPsec, bringing hybrid ML‑KEM protection to WAN tunnels so organizations can defend against “harvest‑now, decrypt‑later” attacks without buying specialized hardware. This update moves another critical piece of enterprise networking closer to
How the Google Gemini CLI Flaw Turned CI/CD Pipelines into Remote Code Execution Risk
A critical remote code execution (RCE) vulnerability in the Google Gemini CLI and its associated GitHub Action exposed a startling weakness in how AI tooling can interact with developer infrastructure. Rated with the maximum CVSS score of 10.0, the bug allowed unprivileged external actors to execute commands on the machines running CI/CD workflows. This wasn’t a prompt-injection trick against a
Email threat landscape: Q1 2026 trends and insights
During the first quarter of 2026, email-based threats remained pervasive and dynamic. Microsoft Threat Intelligence recorded roughly 8.3 billion phishing messages across January–March, with monthly volumes edging down from about 2.9 billion in January to 2.6 billion in March. While total volume showed only slight decline, the quarter revealed important shifts in delivery mechanisms and attacker behavior: link-based attacks dominated,