Tag: privilege escalation

Copy Fail (CVE-2026-31431): A 4‑Byte Kernel Bug That Lets Attackers Gain Root on Major Linux Distros

Cloud Computing, Cybersecurity, Hacking and Exploits, Linux Leave a comment
Copy Fail (CVE-2026-31431): A 4‑Byte Kernel Bug That Lets Attackers Gain Root on Major Linux Distros

Microsoft Defender Security Research recently disclosed CVE-2026-31431—nicknamed “Copy Fail”—a high‑severity local privilege escalation in the Linux kernel’s crypto subsystem that enables an unprivileged user to escalate to root. The vulnerability affects kernels released since 2017 and has broad implications for cloud and container environments because the exploit can corrupt in-memory representations of readable files (including setuid binaries) without changing the

Continue

PhantomRPC: New Windows RPC Vulnerability Lets Attackers Escalate Privileges Across All Windows Versions

Hacking and Exploits, Microsoft Leave a comment
PhantomRPC: New Windows RPC Vulnerability Lets Attackers Escalate Privileges Across All Windows Versions

PhantomRPC is an architectural weakness in the Windows Remote Procedure Call (RPC) runtime that allows low-privileged processes to escalate to SYSTEM or Administrator by impersonating privileged clients. Disclosed by Kaspersky’s Haidar Kabibo at Black Hat Asia 2026, the flaw stems from how rpcrt4.dll handles connections to unavailable RPC servers: when a privileged process attempts an RPC call to a server

Continue

RedSun: New Microsoft Defender Zero-Day Lets Unprivileged Users Gain SYSTEM Access

Cybersecurity, Hacking and Exploits, Microsoft, Server and Virtualisation Leave a comment
RedSun: New Microsoft Defender Zero-Day Lets Unprivileged Users Gain SYSTEM Access

A freshly disclosed zero-day vulnerability in Microsoft Defender, dubbed “RedSun,” has raised alarms across enterprise security teams: an unprivileged user can escalate to full SYSTEM-level access on fully patched Windows systems. The flaw was detailed publicly in April 2026 by a researcher known as “Chaotic Eclipse” (also referenced as Nightmare‑Eclipse on GitHub). Independent verification from vulnerability analyst Will Dormann confirms

Continue

Microsoft Active Directory Domain Services Vulnerability (CVE-2026-25177) — What Administrators Need to Know

Cybersecurity, Hacking and Exploits, Microsoft, PowerShell, Server and Virtualisation Leave a comment
Microsoft Active Directory Domain Services Vulnerability (CVE-2026-25177) — What Administrators Need to Know

In early March 2026, Microsoft released an important security update addressing a high-severity vulnerability in Active Directory Domain Services (AD DS) tracked as CVE-2026-25177. The flaw received a CVSS score of 8.8 and can allow an authenticated network actor with limited permissions to escalate privileges to full SYSTEM on a targeted domain controller. Microsoft and third-party researchers coordinated fixes and

Continue

Urgent Patching Required: Multiple VMware Aria Vulnerabilities Enable Remote Code Execution and Privilege Escalation

Cloud Computing, Cybersecurity, Hacking and Exploits, Microsoft, PowerShell, Server and Virtualisation Leave a comment
Urgent Patching Required: Multiple VMware Aria Vulnerabilities Enable Remote Code Execution and Privilege Escalation

VMware’s Aria Operations — a cornerstone for many organizations’ cloud and infrastructure management — was thrust into the spotlight this week after Broadcom published VMSA-2026-0001, detailing three significant vulnerabilities. These flaws range from command injection that can lead to full remote code execution, to stored cross-site scripting that enables administrative actions, and a privilege escalation path from vCenter to Aria

Continue