Microsoft Defender Security Research recently disclosed CVE-2026-31431—nicknamed “Copy Fail”—a high‑severity local privilege escalation in the Linux kernel’s crypto subsystem that enables an unprivileged user to escalate to root. The vulnerability affects kernels released since 2017 and has broad implications for cloud and container environments because the exploit can corrupt in-memory representations of readable files (including setuid binaries) without changing the
Tag: cloud security
Google Completes $32 Billion Acquisition of Wiz
Google has finalized its acquisition of Wiz, the Israeli cloud and AI security company, in an all-cash transaction valued at $32 billion. The deal, announced as closed in March 2026, is the largest acquisition in Google’s history and represents a major move by Google Cloud to deepen its capabilities in cloud-native and AI security. Deal overview The acquisition brings the
Urgent Patching Required: Multiple VMware Aria Vulnerabilities Enable Remote Code Execution and Privilege Escalation
VMware’s Aria Operations — a cornerstone for many organizations’ cloud and infrastructure management — was thrust into the spotlight this week after Broadcom published VMSA-2026-0001, detailing three significant vulnerabilities. These flaws range from command injection that can lead to full remote code execution, to stored cross-site scripting that enables administrative actions, and a privilege escalation path from vCenter to Aria