Linux.Slashdot.org

BrianFagioli writes: ARMO, the company behind Kubescape, has uncovered what could be one of the biggest blind spots in Linux security today. The company has released a working rootkit called "Curing" that uses io_uring, a feature built into the Linux kernel, to stealthily perform malicious activities without being caught by many of the detection solutions currently on the market. At the heart of the issue is the heavy reliance on monitoring system calls, which has become the go-to method for many cybersecurity vendors. The problem? Attackers can completely sidestep these monitored calls by leaning on io_uring instead. This clever method could let bad actors quietly make network connections or tamper with files without triggering the usual alarms.

Read more of this story at Slashdot.

Wine 10.6 has been released, featuring a new lexer within its Command Processor (CMD), support for the PBKDF2 algorithm to its Bcrypt implementation, and improved metadata handling in WindowsCodecs. According to Phoronix, the update also includes 27 known bug fixes that address issues with Unity games, Alan Wake, GDI+, and various other games and applications. You can see all the changes and download the relesae via WineHQ.org GitLab.

Read more of this story at Slashdot.

"The time has come for me to step away," ArcoLinux lead Erik Dubois posted last week. ("After eight years of dedication to the ArcoLinux project and the broader Linux community...") 'Learn, have fun, and enjoy' was our motto for the past eight years — and I really had fun doing all this," Dubois says in a video version of his farewell post. "And if we reflect back on this teaching and the building and promoting of Linux, it was fun. But the time has come for me to step away..." Over its eight years ArcoLinux "accomplished several important milestones," reports Linux magazine, "such as creating over 5,000 educational videos; the creation of ArcoInstall; the Carli education project; the Arch Linux Calamares Installer (ALCI); the ArcoPlasma, ArcoNet, ArcroPro, and Ariser variants; and much more." According to Dubois, they weren't just creating a distribution but a mindset. Dubois says that the code will remain online so others can learn from, fork, or remix the distro. He also indicated that ArcoLinux will supply users with a transition package to help them convert their existing ArcoLinux systems to Arch Linux. That package will remove ArcoLinux branding, replace pacman.conf with an Arch and Chaotic-AUR focused config file, and change the arcolinux-mirrorlist to a single source. It's FOSS News describes ArcoLinux as one of those "user-friendly Arch-based distros that give you a bleeding-edge experience." The reasoning behind this move, as shared by Erik, is his advancing age and him realizing that he doesn't have the same level of mental focus or stamina he used to have before. He has found himself making small mistakes, the kind that can negatively affect a major undertaking like this... Come July 1, 2025, the transition period will end, marking a stop to all development, including the deactivation of the ArcoLinux social media handles. The Telegram and Discord communities will stay a bit longer but will close up eventually. "I want to leave ArcoLinux while it's still strong, and while I can look back with pride at everything we've accomplished together," Dubois says in their post...

Read more of this story at Slashdot.