%term

Copy Fail (CVE-2026-31431): What Linux administrators need to know now

Apr 30, 2026 By Tanium In Tanium

Copy Fail, or CVE-2026-31431, is a Linux kernel local privilege escalation vulnerability that can let an unprivileged local user corrupt page-cache-backed file data under specific conditions and potentially escalate privileges. Exposure depends on the running vendor kernel and backported fixes. Installing a vendor-provided kernel fix is the primary remediation, with temporary mitigations available in some environments if patching is delayed.

Read Post

Tanium

Read more about Copy Fail (CVE-2026-31431): What Linux administrators need to know now

Post-quantum encryption for Cloudflare IPsec is generally available

Apr 30, 2026 By Sharon Goldberg In Cloudflare

While more than two-thirds of human-generated TLS traffic to Cloudflare is already protected by post-quantum cryptography, the world of site-to-site networking has been a different story. For years, the IPsec community remained caught between the high bar of Internet-scale interoperability and the niche requirements of specialized hardware. That gap is now closing.

Read Post

Cloudflare

Read more about Post-quantum encryption for Cloudflare IPsec is generally available

Defending Against CORDIAL SPIDER and SNARKY SPIDER with Falcon Shield

Apr 30, 2026 By Falcon Shield - Counter Adversary Operations In CrowdStrike

Since October 2025, CrowdStrike Counter Adversary Operations has observed a shift in intrusion tradecraft: Threat actors are executing high-speed, SaaS-centric attacks that bypass traditional endpoint visibility. CORDIAL SPIDER and SNARKY SPIDER exemplify this evolution as distinct adversaries conducting rapid data theft and extortion campaigns with striking operational similarities.

Read Post

CrowdStrike

Read more about Defending Against CORDIAL SPIDER and SNARKY SPIDER with Falcon Shield

Agentic AI Security: Tune Detections with Threat Intel

Apr 30, 2026 By Daniel Ballmer In LimaCharlie

Most AI detection engineering puts a human in the loop at every step. David Burkett envisions an efficient and effective pipeline architecture that does not. David is a security researcher at Corelight Labs and a longtime LimaCharlie community member. He appeared on a recent episode of Defender Fridays to walk through his vision of a fully agentic detection engineering pipeline. His system uses LimaCharlie as its operational backbone.

Read Post

LimaCharlie

Read more about Agentic AI Security: Tune Detections with Threat Intel

The 7 sins killing your SOC efficacy (and why NDR is the cure)

Apr 30, 2026 By Josh Porto In Corelight

Network Detection and Response (NDR) is a glorious tool for spotting the stuff that slips past the velvet ropes. The weird lateral movement. The "why is Finance talking to a printer in Moldova" moment. The internal reconnaissance that looks harmless until it's suddenly not. What can't NDR do? Trick question. It can't walk the dog, run a marathon, or explain to leadership why "just block Russia" isn't a complete strategy. NDR is your truth serum.

Read Post

Corelight

Read more about The 7 sins killing your SOC efficacy (and why NDR is the cure)

How Cloudflare Got 2x Faster Servers With Less Cache

Apr 30, 2026 By Cloudflare In Cloudflare

In this episode of This Week in NET, JQ Lau and Victor Hwang from our Network & Infrastructure Strategy team walk us through Cloudflare's 13th generation of servers — the machines that power a significant part of the internet across 330+ cities worldwide. The Gen 13 program doubled compute density by jumping from 96 to 192 cores, but that came with an 83% drop in L3 cache. The team explains how a bold hardware bet, combined with Cloudflare's FL2 Rust-based software rewrite, turned that trade-off into a win across throughput, latency, and power efficiency.

View Video

Cloudflare

Read more about How Cloudflare Got 2x Faster Servers With Less Cache

Turning Attackers into Signals: How Deception is Redefining Threat Detection | Fidelis Security

Apr 30, 2026 By Fidelis Security In Fidelis Security

Traditional detection methods are struggling to keep up with modern threats. What if you could turn attackers into your strongest signal? In this session, our Sales Engineer Jim breaks down how deception technology is transforming cybersecurity by: Delivering high-fidelity alerts with minimal noise Adapting dynamically to attacker behavior Extending protection to IoT and non-standard devices Scaling seamlessly across enterprise environments.

View Video

Fidelis Security

Read more about Turning Attackers into Signals: How Deception is Redefining Threat Detection | Fidelis Security

CVE-2026-31431 (Copy Fail): Linux Kernel LPE

Apr 30, 2026 By Dor Hayun In Mend

A new Linux kernel LPE disclosed by Theori/Xint lets any unprivileged local user become root with a 732-byte Python script. Works first try, no race, no per-kernel offsets. CVSS 7.8 (High), effectively critical for shared-kernel and multi-tenant environments.

Read Post

Mend

Read more about CVE-2026-31431 (Copy Fail): Linux Kernel LPE

How to secure cloud workloads without building a full-scale SOC

Apr 30, 2026 By Adam White In Sumo Logic

You don’t need a 20-person SOC to protect your cloud-native environment. What you need is the right strategy: map your risk, embed security early, automate detection, and let smart tooling do the heavy lifting. Here’s how security and DevOps leaders with limited resources can achieve enterprise-level protection without enterprise-level headcount.

Read Post