A new Linux kernel bug lets an ordinary, unprivileged user become root. It now hits Android too. Researchers have named it Bad Epoll. The Bad Epoll vulnerability carries the identifier CVE-2026-46242.
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...