AI Found a Root Bug in Linux That Everyone Missed for 15 Years

AI Found a Root Bug in Linux That Everyone Missed for 15 Years

https://www.wired.com/story/security-news-this-week-ai-found-a-root-bug-in-linux-that-everyone-missed-for-15-years/

Publish Date: 2026-07-11 06:30:00

Source Domain: www.wired.com

Amid years of warnings that China’s notorious Volt Typhoon hackers may be pre-positioning within United States critical infrastructure, a closed-door war game for insurers played out an array of worst-case scenarios—revealing a menacing, disruptive threat.

ICE’s internal oversight group, the Office of Professional Responsibility, has begun investigating online critics of the agency, opening more than 100 cases looking at what ICE officials call “incidents of doxing and threats” against agency employees. And in the European Union, tech companies will be able to scan citizens’ personal texts, emails, and social media messages again because of renewed powers in the “Chat Control” bill aimed at curbing online child abuse material. The European Parliament voted to extend the legislation despite a majority of lawmakers voting against the proposal.

WIRED revealed more about the Madison Square Garden surveillance landscape this week with revelations that MSG kept a database categorizing hundreds of celebrities, prominent Knicks superfans, and even some Taylor Swift wedding guests using labels that included “LGBTQIA,” “DO NOT HOST,” and low to high “risk.”

And new research this week shows that a wave of government website hijacks in which scammers promise “leaked” OnlyFans content are being stymied by thousands of copyright complaints from adult content creators, helping keep people safe by getting the malicious links taken down.

And there’s more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

Nebula Security has published exploit code for GhostLock (CVE-2026-43499), a use-after-free bug that sat in the Linux kernel for 15 years and lets any logged-in user take root on an unpatched machine, according to SecurityWeek and The Hacker News. The flaw shipped by default in essentially every mainstream distribution since 2011 and needs…

Source