Sign in Subscribe

Azure Linux

Microsoft Patches BPF Race Flaw in WSL2 and Azure Linux, Deploys CSAF/VEX Attestations to Advance Kernel Security

Microsoft Patches BPF Race Flaw in WSL2 and Azure Linux, Deploys CSAF/VEX Attestations to Advance Kernel Security

TL;DR * CVE-2025-39863 use-after-free in Broadcom Wi-Fi driver (brcmfmac) exploited via timer-race, affects Azure Linux and AKS nodes; patch deployed upstream * Microsoft patches CVE-2025-39886 BPF allocation flaw in WSL2 and CBL-Mariner kernels, publishes CSAF/VEX attestations for Azure Linux * F2FS remount flaw (CVE-2023-53447) causes kernel crashes during concurrent file operations;
Barista @ Cafecito
React RCE CVE-2025-55182 Exploited by Botnets, BlackForce MFA Kit Emerges, Azure Linux Patched, AI Pen-Tester Artemis Rises

React RCE CVE-2025-55182 Exploited by Botnets, BlackForce MFA Kit Emerges, Azure Linux Patched, AI Pen-Tester Artemis Rises

TL;DR * CVE-2025-55182 Patched in React Server Components After 137,200 IPs Exposed to RCE via Flight Protocol * BlackForce Phishing Kit Sold on Telegram for €200–300 Uses Legitimate React Code to Bypass MFA Detection * Microsoft Azure Linux Affected by CVE-2025-49177 XFixes Extension Vulnerability Enabling Remote Code Execution * AI Agent
Barista @ Cafecito