The current debate about electricity prices is misguided. Inflation in electricity prices needs to be compared with inflation in the overall CPI, and over the past decade, electricity prices have increased exactly as fast as the overall price level in the economy, see chart below.
Sources: US Bureau of Labor Statistics (BLS), Macrobond, Apollo Chief Economist
Download high-res chart
This presentation may not be distributed, transmitted or otherwise communicated to others in whole or in part without the express consent of Apollo Global Management, Inc. (together with its subsidiaries, “Apollo”).
Apollo makes no representation or warranty, expressed or implied, with respect to the accuracy, reasonableness, or completeness of any of the statements made during this presentation, including, but not limited to, statements obtained from third parties. Opinions, estimates and projections constitute the current judgment of the speaker as of the date indicated. They do not necessarily reflect the views and opinions of Apollo and are subject to change at any time without notice. Apollo does not have any responsibility to update this presentation to account for such changes. There can be no assurance that any trends discussed during this presentation will continue.
Statements made throughout this presentation are not intended to provide, and should not be relied upon for, accounting, legal or tax advice and do not constitute an investment recommendation or investment advice. Investors should make an independent investigation of the information discussed during this presentation, including consulting their tax, legal, accounting or other advisors about such information. Apollo does not act for you and is not responsible for providing you with the protections afforded to its clients. This presentation does not constitute an offer to sell, or the solicitation of an offer to buy, any security, product or service, including interest in any investment product or fund or account managed or advised by Apollo.
Certain statements made throughout this presentation may be “forward-looking” in nature. Due to various risks and uncertainties, actual events or results may differ materially from those reflected or contemplated in such forward-looking information. As such, undue reliance should not be placed on such statements. Forward-looking statements may be identified by the use of terminology including, but not limited to, “may”, “will”, “should”, “expect”, “anticipate”, “target”, “project”, “estimate”, “intend”, “continue” or “believe” or the negatives thereof or other variations thereon or comparable terminology.
Shares worth €1.3bn (£1.1bn; $1.5bn) have been seized from the company that controls the manufacturer of Campari over alleged tax evasion, Italian police have said.
Officials ordered the confiscation of the Campari Group shares from Luxembourg-based Lagfin as part of a year-long investigation into how it absorbed its Italian arm.
It is accused of failing to pay a similar figure to that of the shares seized in taxes during that merger. The company previously said it had always fulfilled its tax obligations.
Campari – which also produces alcohol brands including Aperol, Grand Marnier and Courvoisier – said neither it nor its subsidiaries were involved in the case.
However, chair Luca Garavoglia is among those under investigation, local media reports.
The BBC approached Lagfin – which owns more than 50% of Campari shares and has 80% of voting rights – for comment.
It previously said in a statement issued on the investigation last year that it had “always fulfilled its tax obligations with the utmost scruples in all the jurisdictions where it operates” and considers any claims to the contrary “devoid of any basis”.
Prosecutors in Milan launched a probe into the company last year. Financial police on Friday said they allegedly found €5.3bn of undeclared capital gains between 2018 and 2020 on which it had not paid a so-called “exit tax”, levied on firms that transfer their headquarters abroad.
It is also accused of transferring its Italian assets into foreign ownership solely for tax purposes, according to Italian financial newspaper Il Sole 24 Ore.
Mr Garavoglia, the billionaire who inherited ownership of Campari from his late mother, is implicated alongside Giovanni Berto, the head of Campari’s Italian branch, local media reports.
One of the largest global producers of spirits, Campari is valued at around €7bn on the Milan Stock Exchange.
The company has its roots in 1860, when Gaspare Campari’s homemade bitter liqueur became a popular tipple among patrons of his Milan bar.
It became so successful that, in 1904, his family began manufacturing it commercially, and from the 1990s onwards the firm began acquiring other alcohol brands.
It hasn’t been the best quarter for TP ICAP Group PLC (LON:TCAP) shareholders, since the share price has fallen 14% in that time. But over the last three years returns have been decent. It beat the market return of 46% in that time, gaining 50%.
Now it’s worth having a look at the company’s fundamentals too, because that will help us determine if the long term shareholder return has matched the performance of the underlying business.
AI is about to change healthcare. These 20 stocks are working on everything from early diagnostics to drug discovery. The best part – they are all under $10bn in marketcap – there is still time to get in early.
While markets are a powerful pricing mechanism, share prices reflect investor sentiment, not just underlying business performance. One imperfect but simple way to consider how the market perception of a company has shifted is to compare the change in the earnings per share (EPS) with the share price movement.
During three years of share price growth, TP ICAP Group achieved compound earnings per share growth of 39% per year. The average annual share price increase of 14% is actually lower than the EPS growth. So it seems investors have become more cautious about the company, over time. This cautious sentiment is reflected in its (fairly low) P/E ratio of 11.16.
The company’s earnings per share (over time) is depicted in the image below (click to see the exact numbers).
LSE:TCAP Earnings Per Share Growth November 1st 2025
It is of course excellent to see how TP ICAP Group has grown profits over the years, but the future is more important for shareholders. You can see how its balance sheet has strengthened (or weakened) over time in this free interactive graphic.
When looking at investment returns, it is important to consider the difference between total shareholder return (TSR) and share price return. The TSR is a return calculation that accounts for the value of cash dividends (assuming that any dividend received was reinvested) and the calculated value of any discounted capital raisings and spin-offs. Arguably, the TSR gives a more comprehensive picture of the return generated by a stock. We note that for TP ICAP Group the TSR over the last 3 years was 85%, which is better than the share price return mentioned above. And there’s no prize for guessing that the dividend payments largely explain the divergence!
We’re pleased to report that TP ICAP Group shareholders have received a total shareholder return of 25% over one year. And that does include the dividend. That’s better than the annualised return of 15% over half a decade, implying that the company is doing better recently. Someone with an optimistic perspective could view the recent improvement in TSR as indicating that the business itself is getting better with time. While it is well worth considering the different impacts that market conditions can have on the share price, there are other factors that are even more important. For instance, we’ve identified 2 warning signs for TP ICAP Group that you should be aware of.
Of course TP ICAP Group may not be the best stock to buy. So you may wish to see this free collection of growth stocks.
Please note, the market returns quoted in this article reflect the market weighted average returns of stocks that currently trade on British exchanges.
Have feedback on this article? Concerned about the content?Get in touch with us directly. Alternatively, email editorial-team (at) simplywallst.com.
This article by Simply Wall St is general in nature. We provide commentary based on historical data and analyst forecasts only using an unbiased methodology and our articles are not intended to be financial advice. It does not constitute a recommendation to buy or sell any stock, and does not take account of your objectives, or your financial situation. We aim to bring you long-term focused analysis driven by fundamental data. Note that our analysis may not factor in the latest price-sensitive company announcements or qualitative material. Simply Wall St has no position in any stocks mentioned.
Mitsubishi (TSE:8058) has taken another step into the biotech sector by announcing a strategic partnership with Wheeler Bio focused on expanding commercial opportunities across the Asia-Pacific region. The collaboration includes a direct investment in Wheeler’s latest funding round.
See our latest analysis for Mitsubishi.
Mitsubishi’s renewed push into biotech comes on the back of strong market momentum. The past three months alone saw a 22.6% rise in share price, with the 2024 year-to-date increase nearing 44%. Over the long term, Mitsubishi’s 1-year total shareholder return clocks in at almost 40%, while the 3-year return sits above 180%. The 5-year total return is a remarkable 454%. These are clear signals that investors see value in both its ongoing diversification and robust fundamentals.
If Mitsubishi’s growth streak has you thinking about what else is thriving in dynamic sectors, now’s a great time to explore See the full list for free.
Yet with the stock rallying so sharply this year, the big question is whether Mitsubishi remains undervalued at current levels, or if the market has already factored in the company’s growth and biotech ambitions. Is there still a genuine buying opportunity here?
Mitsubishi’s most followed narrative currently points to a fair value below the last close of ¥3,712, suggesting the recent price rally has outpaced foundational earnings assumptions in the eyes of analysts and market observers. This sets up a clash between momentum-driven optimism and more cautious, long-term projections.
Active capital recycling and selective divestitures of lower-margin businesses align the portfolio toward higher-margin and recurring revenue streams. This approach is likely to enhance net margins and improve return on equity over the medium term. Expansion into international food and consumer supply chains (for example, Cermaq and Thai Union Group) utilizes Mitsubishi’s global distribution strength to build stable, recurring revenue. This helps counter cyclical downturns and supports long-term revenue growth.
Read the complete narrative.
Want to know the growth blueprint behind this high valuation? The key element of this narrative is a margin transformation and a revenue engine hidden beyond megaproject headlines. What are the bold projections keeping some analysts cautious even as shares soar? Read on to discover which financial forecasts are setting the true ceiling for Mitsubishi’s fair value.
Result: Fair Value of ¥3,405 (OVERVALUED)
Have a read of the narrative in full and understand what’s behind the forecasts.
However, factors such as declining commodity prices and underperformance in legacy business lines could quickly challenge bullish forecasts for Mitsubishi’s future growth.
Find out about the key risks to this Mitsubishi narrative.
If you see a different story in Mitsubishi’s fundamentals, or would rather rely on your own research approach, it’s faster than ever to shape your own perspective in just a few minutes. Do it your way.
A great starting point for your Mitsubishi research is our analysis highlighting 1 key reward and 2 important warning signs that could impact your investment decision.
Smart investors never settle for today’s headlines alone. Broaden your horizon and unlock new opportunities in tomorrow’s markets with these top stock ideas on Simply Wall Street.
This article by Simply Wall St is general in nature. We provide commentary based on historical data and analyst forecasts only using an unbiased methodology and our articles are not intended to be financial advice. It does not constitute a recommendation to buy or sell any stock, and does not take account of your objectives, or your financial situation. We aim to bring you long-term focused analysis driven by fundamental data. Note that our analysis may not factor in the latest price-sensitive company announcements or qualitative material. Simply Wall St has no position in any stocks mentioned.
Companies discussed in this article include 8058.T.
Have feedback on this article? Concerned about the content? Get in touch with us directly. Alternatively, email editorial-team@simplywallst.com
When Donald Trump nominated Fiserv chief executive Frank Bisignano to serve in his administration 11 months ago, his company was held up as a Wall Street fintech darling alongside the likes of Visa and Mastercard.
Now the business Bisignano helped build is in freefall.
Shares of Fiserv, which runs back-end technology for banks and payment networks, fell 44 per cent and lost $30bn in market value after disastrous third-quarter results on Wednesday. The company disclosed several problems that had been festering for years and analysts described the earnings as “shocking” and “impossible to sugarcoat”.
But Bisignano already cashed out, selling 3.3mn Fiserv shares worth more than $500mn at the time of his Senate confirmation in May, and deferring taxes on the gains. Today, the shares would be worth about $220mn.
Now questions are being raised about the company’s management under the leadership of Bisignano, who has been tapped by Trump to manage two of the government’s most crucial financial operations — the Internal Revenue Service and the Social Security Administration. One collects more than $5tn in annual tax revenue and the other makes more than $1.6tn in yearly payments to senior citizens.
“To see a company that 12 months ago had a sterling reputation fall off like this and finish the day down 44 per cent, it is the most shocking earnings print I’ve had in my time covering the space,” Deutsche Bank analyst Nate Svensson said.
New Fiserv chief executive Mike Lyons, in the job since Bisignano’s resignation in May, said an analysis had revealed ill-fated decisions to defer investments and cut costs, as well as a reliance on short-term initiatives to maximise quarterly results.
“As a result, we have made the decision to deprioritise the short-term revenue and expense initiatives which, of course, has some near-term impact on our growth and profitability,” Lyons told analysts.
The company is now facing shareholder lawsuits alleging it misled investors. Fiserv declined to comment. Bisignano did not respond to requests for comment.
Wisconsin-based Fiserv was founded in 1984. The company as it is today is the result of a merger between Fiserv and First Data, where Bisignano was the CEO.
The deal brought together Fiserv’s sticky but low growth core banking system business with First Data’s higher-growth merchant solutions business, which provided payment processing systems such as credit card readers for small and large businesses as well as ecommerce services.
Before Fiserv and First Data, Bisignano, 66, was a top executive at JPMorgan Chase, reporting to chief executive Jamie Dimon. Internally, he earned a reputation as a savvy operator but also someone who could blur the lines between company matters and his personal life.
Bisignano was known to invite family and friends to the corporate box at MetLife Stadium to watch the New York Giants NFL team, even when he was not in attendance, and for his frequent use of the company’s private plane, according to executives who worked with him at the time.
His relationship with Dimon eventually soured, according to people familiar with the matter, and he left JPMorgan to join First Data in 2013. In 2017, his pay there reached $100mn. JPMorgan declined to comment.
Bisignano took over the combined Fiserv/First Data company in 2020. It emerged as an industry winner, outperforming rivals such as FIS and GPN. Fiserv’s standout business was its Clover point-of-sale payments terminals.
Bisignano and his wife Tracy were significant donors to Trump’s 2024 and 2020 presidential campaigns before he was recruited to run the social security programme and take the newly created role of IRS chief executive reporting to Treasury secretary Scott Bessent. A Treasury department spokesperson did not respond to requests for comment.
In October 2024, a few weeks before election day, Tracy gave $924,600 to the Trump 47 Committee, the maximum an individual could give to the joint fundraising Pac, and nearly $800,000 split between the Republican National Committee and dozens of local Republican party groups.
At Fiserv, the image of a stable business with solid growth potential has been shattered. The company on Wednesday widely missed analysts’ estimates in quarterly results and slashed its outlook for organic revenue growth in 2025 from 10 per cent to as low as 3.5 per cent.
Lyons detailed that its business in Argentina, which has been supported by the country’s high interest rates and hyperinflation, had been a bigger driver of growth than investors previously believed. He talked about reversing price increases that the prior leadership had made and a need to “overhaul” the client experience for its Clover product.
“At Fiserv there was a lot of restructuring, a lot of cost takeout. I don’t think there was investment in places that needed investment,” said Ali Raza, managing principal at Blue Leviathan, a consulting firm focused on payments. “So we have what we have now.”
Lyons is now tasked with turning the company around. He has put in place a new chief financial officer, three new board members and new co-presidents.
He has talked about resetting the company’s culture to one that prioritises integrity, fairness, execution, accountability and client service, changes that will take time to implement.
“Leaving aside what’s happening with the financials,” said Deutsche’s Svensson, “that is not something you can wave the magic wand and fix overnight”.
Lear (LEA) delivered a 14.5% annual earnings growth rate over the past five years, but net profit margin came in at 2.1%, a shade below last year’s 2.3%. The result this period was shaped by a sizeable $198 million one-off loss. Expectations for future earnings growth sit at a robust 31.8% per year, easily outpacing the broader US market’s projected pace. With revenue forecast to grow at 2.7% annually and shares trading well below discounted cash flow estimates, investors have plenty to evaluate, especially with margins and quality of earnings under the spotlight.
See our full analysis for Lear.
Next up, we’ll see how these headline numbers either support or challenge the most popular narratives from the community and analysts.
See what the community is saying about Lear
NYSE:LEA Earnings & Revenue History as at Nov 2025
The latest DCF fair value for Lear comes in at $144.53 per share, notably higher than the current market price of $104.65. This signals a potential undervaluation for long-term-focused investors.
According to the analysts’ consensus narrative, confidence in Lear’s advanced EV systems and automation wins is driving expectations for profit margins to double to 4.2% over the next three years.
Consensus sees $60 million in recurring efficiency gains already realized this year, with another $90 million expected. This reinforces the margin and valuation case.
Analysts also highlight new electronics-rich seating programs and OEM outsourcing as catalysts, offsetting recent temporary profit margin softness.
The difference between current price and analyst price target is just 2.7%, with the analyst target at $116.25. This implies that most anticipate only moderate short-term upside rather than a major rally.
Curious how analysts are weighing Lear’s growth drivers against the fair value gap with the stock trading far below DCF estimates? 📈 Read the full Lear Consensus Narrative.
A $198 million one-time loss weighed on Lear’s annual net profit margin, bringing it down from 2.3% to 2.1% even as overall earnings kept climbing.
The analysts’ consensus narrative points out that recurring savings from automation and digital manufacturing are helping offset non-recurring costs, and sets expectations for margins to reach 4.2% in three years.
Consensus also cautions that continued wind-downs in discontinued E-Systems product lines will be a structural hurdle through at least 2027, limiting margin recovery in those segments short term.
Flexibility from buybacks and a $2 billion revolver underpin the view that margin compression from non-recurring hits should be temporary for the broader business.
Lear’s price-to-earnings ratio of 11.9x is meaningfully lower than both its US auto components industry average of 18.1x and direct peer average of 21.4x.
The analysts’ consensus view argues that this discount, coupled with forward earnings growth forecasts of 31.8% per year, supports reasonable upside as long as future margin expansion materializes and auto industry volumes stabilize.
Analysts note share count is expected to decline by 2.09% a year, further boosting per-share value in coming years.
Industry-wide price targets remain close to market ($116.25 vs. $104.65), so the undervaluation case hinges on outperforming profit and margin forecasts rather than just benefiting from a sector-wide re-rating.
To see how these results tie into long-term growth, risks, and valuation, check out the full range of community narratives for Lear on Simply Wall St. Add the company to your watchlist or portfolio so you’ll be alerted when the story evolves.
Think you have a fresh take on the figures? Use your insight to shape a unique narrative in just a few minutes: Do it your way
A great starting point for your Lear research is our analysis highlighting 3 key rewards and 3 important warning signs that could impact your investment decision.
Lear’s recurring margin compression and recent one-off loss highlight vulnerability to non-recurring costs and inconsistent profitability.
If you’d prefer a smoother ride, use our stable growth stocks screener (2103 results) to discover companies with reliable earnings and revenue. These companies are built to deliver performance in any cycle.
This article by Simply Wall St is general in nature. We provide commentary based on historical data and analyst forecasts only using an unbiased methodology and our articles are not intended to be financial advice. It does not constitute a recommendation to buy or sell any stock, and does not take account of your objectives, or your financial situation. We aim to bring you long-term focused analysis driven by fundamental data. Note that our analysis may not factor in the latest price-sensitive company announcements or qualitative material. Simply Wall St has no position in any stocks mentioned.
Companies discussed in this article include LEA.
Have feedback on this article? Concerned about the content? Get in touch with us directly. Alternatively, email editorial-team@simplywallst.com
LEAP-012 trial investigates pembrolizumab (KEYTRUDA®) plus lenvatinib (LENVIMA®) in combination with transarterial chemoembolization (TACE) versus TACE alone for patients with unresectable, non-metastatic hepatocellular carcinoma (HCC).
HCC remains among the most lethal cancers worldwide, and while TACE has long been the standard of care for intermediate-stage disease, progression within a year is common due to angiogenic and immunosuppressive escape mechanisms. Preclinical and early clinical data have suggested that combining immunotherapy, VEGF inhibition, and locoregional therapy may produce synergistic antitumor effects by enhancing antigen release, promoting vascular normalization, and strengthening immune activation.
Study Design and Methods
LEAP-012 was a multicenter, double-blind, randomized Phase 3 study enrolling 480 patients with unresectable, non-metastatic HCC not previously treated with systemic therapy. Patients were randomized 1:1 to receive:
Experimental arm: Pembrolizumab (400 mg IV every 6 weeks) + Lenvatinib (12 mg or 8 mg daily based on body weight) + TACE
Control arm: Dual placebo + TACE
TACE was performed using chemotherapeutic and embolic agents delivered via the hepatic artery, beginning 2–4 weeks after initiation of systemic therapy.
Primary endpoints
Progression-Free Survival (PFS) by blinded independent central review (BICR) per RECIST v1.1
Overall Survival (OS)
Secondary endpoints: Objective response rate (ORR), duration of response (DOR), disease control rate (DCR), and safety.
Results
At the pre-specified interim analysis, KEYTRUDA + LENVIMA + TACE met the primary endpoint of PFS, demonstrating a statistically significant and clinically meaningful improvement compared to TACE alone. These findings, presented at ESMO 2024 and published in The Lancet, confirmed the biological synergy between immune checkpoint blockade, VEGF inhibition, and locoregional therapy. However, the combination did not achieve statistical significance for overall survival (OS) compared with TACE alone. After internal review, Merck and Eisai determined that the probability of reaching the OS threshold at future analyses was low, leading to early study termination.
PFS: Statistically significant improvement with the combination regimen versus TACE alone (per BICR; p < 0.001).
OS: Did not reach protocol-defined significance; trial closed early for futility.
Safety: Adverse events were consistent with known profiles of pembrolizumab and lenvatinib; no new safety signals were observed.
Interpretation
The LEAP-012 trial reinforces the biologic rationale of combining immunotherapy and VEGF blockade with TACE but highlights the challenge of translating radiographic progression benefits into survival advantage in intermediate-stage HCC. Although PFS improvement was robust and reproducible, the lack of OS benefit suggests that earlier immune modulation may not meaningfully alter long-term outcomes in this disease stage, possibly due to the limited duration of systemic exposure and competing post-progression treatments. Nonetheless, the findings contribute valuable insights into the integration of systemic and locoregional therapies and underscore the need for patient stratification, biomarker-driven selection, and optimization of treatment sequencingin HCC.
You Can Also Read About FDA Approves Subcutaneous Pembrolizumab with Berahyaluronidase Alfa-pmph
Regulatory Context
Despite the global trial closure, in June 2025, China’s National Medical Products Administration (NMPA) approved KEYTRUDA + LENVIMA + TACE for unresectable, non-metastatic HCC based on PFS benefit and clinical relevance in local patient populations. The results do not affect existing approvals of the pembrolizumab–lenvatinib combination for advanced RCC, endometrial carcinoma, or HCC monotherapy indications.
Key Takeaway Messages
LEAP-012 met its PFS endpoint but failed to show a statistically significant overall survival benefit versus TACE alone.
Trial discontinued early based on low probability of meeting OS threshold at later analyses.
Safety profile consistent with known pembrolizumab + lenvatinib experience; no new toxicities observed.
Findings highlight the translational gap between improved tumor control and extended survival in intermediate-stage HCC.
Reinforces need for rational combinations, biomarker-guided selection, and optimized systemic-locoregional sequencing in liver cancer management.
Whilst millions of Gmail passwords have not suddenly leaked, despite multiple reports, Google warns compromised security credentials are giving hackers access to accounts. Its advice is clear — if you have not done so already, make this account change now.
For the second time in just a few weeks, Google hit back as reports (1,2) suggested a massive new password leak. “Reports of a ‘Gmail security breach impacting millions of users’ are false. Gmail’s defenses are strong, and users remain protected.”
But just because the breach is not new does not mean it’s not dangerous. Google says users should “reset passwords when they are found in large batches like this.” In reality, don’t wait for a breach to turn up, while regularly changing passwords is no longer considered best practice, ensuring passwords are strong and unique certainly is.
ForbesPorn Ban—New Warning For Millions Of iPhone And Android UsersBy Zak Doffman
But passwords will always be vulnerable to being leaked or stolen. “Attackers are intensifying their phishing and credential theft methods, which drive 37% of successful intrusions,” Google warns, and “an exponential rise in cookie and authentication token theft as a preferred method for attackers, with an 84% increase in infostealers.”
That’s why Google tells users that “adopting passkeys as a stronger and safer alternative to passwords” stops account password compromises.
And on that note, with these latest “Gmail security breach” headlines still swirling, there was some quieter, better news for Google and its billions of Gmail account holders.
“Google commands half of all passkey authentication activity,” Dashlane confirmed in its latest passkey adoption report. “A scale so dominant that including it in our top 20 would distort the competitive landscape for other services.” According to the password manager, “Google’s sheer volume dwarfs that of other platforms.”
This, it says, was driven “by a pivotal product decision: In October 2023, Google made passkeys the default login option for personal Google Accounts. This move effectively exposed hundreds of millions of users to passwordless authentication, creating the largest real-world deployment of passkeys to date.”
The result: “Google passkey authentications exploded by 352% over the past year.”
ForbesGoogle Warning—All Smartphone Users Must Delete These TextsBy Zak Doffman
Unlike Microsoft, Google is not yet advocating for the complete deletion of passwords. But it does say that defaulting to passkeys means users can create complex passwords and multi-factor authentication options that don’t need to be as convenient as SMS.
As such, while adopting passkeys is the solution, it only works if you stop using your password — even if a password remains on the account (with MFA) as a back-up.
“Google’s approach demonstrates the power of defaults,” Dashlane says. “By making passkeys the path of least resistance rather than an opt-in security feature, Google transformed passkey adoption from a trickle into a flood.”
A decade-old vulnerability in the Linux kernel has reemerged as a powerful weapon for ransomware groups, according to warnings issued by the Cybersecurity and Infrastructure Security Agency (CISA). Tracked as CVE 2024 1086, the flaw resides in the netfilter nf_tables component and enables local privilege escalation (LPE), allowing attackers with initial access to elevate their permissions to root and take full control of a system.
Originally introduced in the kernel’s codebase in 2014, the bug affects Linux versions from 3.15 through 6.8 rc1, impacting major distributions including Debian, Ubuntu, Fedora, and Red Hat. The vulnerability stems from a use after free (UAF) condition in the nft_verdict_init() and nf_hook_slow() functions, which improperly handle packet filtering verdicts. This flaw can lead to double free memory corruption, providing attackers a pathway to execute arbitrary code in the kernel space and gain persistent access.
Although a patch was released in January 2024 and the issue was added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog by May 2024, researchers now confirm that it is being actively weaponized in ransomware campaigns. Security firm CrowdStrike first detected exploitation attempts in April 2024, later escalating the risk rating to “Critical” after public exploit code surfaced online.
Privilege escalation flaws such as CVE 2024 1086 are particularly valuable to ransomware operators. By obtaining root privileges, attackers can disable endpoint protections, encrypt files, delete backups, and move laterally across networks. Even a low privileged user account can become a launchpad for full system compromise, making this bug a prime catalyst for large scale ransomware incidents.
Organizations that rely on Linux for cloud workloads, enterprise servers, or operational technology should treat this vulnerability as actively exploited in the wild and assume exposure until verified otherwise. Especially at a time when security breaches of cloud systems are at their highest.
