Category: 4. Technology

Critical Sudo bugs expose major Linux distros to local Root exploits

Pierluigi Paganini
July 04, 2025

Critical Sudo flaws let local users gain root access on Linux systems, the vulnerabilities affect major Linux distributions.

Cybersecurity researchers disclosed two vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems. Local attackers can exploit the vulnerabilities to escalate privileges to root on affected systems.

Sudo (short for “superuser do”) is a command-line utility found in Unix and Linux systems. It lets a permitted user run commands with the security privileges of another user, most commonly the root user (the system’s most powerful administrative account).

Below is the description of the two vulnerabilities:

• CVE-2025-32462 (CVSS score: 2.8) – Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
• CVE-2025-32463 (CVSS score: 9.3) – Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the –chroot option.

The Stratascale Cyber Research Unit (CRU) team discovered both local privilege vulnerabilities.

CVE-2025-32462 is a critical flaw in the Sudo utility, stemming from the --host option introduced in version 1.8.8 in 2013. Though originally meant only for listing rules (sudo -l), it also worked with other commands like sudoedit. In specific enterprise configurations using Host or Host_Alias directives, this oversight lets users run commands with elevated privileges by referencing remote host rules.

“The Stratascale CRU team discovered that since the introduction of the host option in 2013, executing a sudo or sudoedit command with the host option referencing an unrelated remote host rule causes Sudo to treat the rule as valid for the local system. As a result, any command allowed by the remote host rule can be executed on the local machine.” reads the report published by Stratascale.”Even though the production server is explicitly denied for the lowpriv user, root access is achieved by specifying the host option for the development server.”

The issue was addressed with a patch that limits the --host option to listing only.

“Sudo’s -R (–chroot) option is intended to allow the user to run a command with a user-selected root directory if the sudoers file allows it. A change was made in sudo 1.9.14 to resolve paths via chroot() using the user-specified root adirectory while the sudoers file was still being evaluated. It is possible for an attacker to trick sudo into loading an arbitrary shared library by creating an /etc/nsswitch.conf file under the user-specified root directory.” reads the advisory published by Sudo project maintainers. “The change from sudo 1.9.14 has been reverted in sudo 1.9.17p1 and the chroot feature has been marked as deprecated. It will be removed entirely in a future sudo release. Because of the way sudo resolves commands, supporting a user-specified chroot directory is error-prone and this feature does not appear to be widely used.”

On April 1st, 2025, Rich Mirch from Stratascale Cyber Research Unit (CRU) reported the vulnerability to Sudo maintainer Todd Miller. On June 23, 2025 a patch was sent to operating system distros list. Sudo advisory links confirmed.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Sudo)

Apple’s new Liquid Glass design is noticeable on the Home Screen right when you unlock your iPhone, though the degree of change is customizable. We’ve rounded up everything that’s changed with the ‌iPhone‌’s main interface.

Liquid Glass Design

By default, app icons have a layered look with subtle depth, essentially appearing as multiple sheets of glass stacked on one another to create a glass-like translucent look.

Apple created Liquid Glass app icons for apps like Safari, Maps, Photos, the App Store, Mail and more. Third-party app icons are adopting the same aesthetic, and for apps with a simple design on a solid background, no update is needed. Icons like this already have a Liquid Glass look.

The dock is transparent and blends into the background behind it, and the same goes for the search button. App folders have a frosted glass design that also changes tint based on your wallpaper. When you edit your ‌Home Screen‌, the buttons that you interact with are also transparent.

Interface elements like the dock, folders, and the search button have a lighting effect that changes when you move your ‌iPhone‌, making them look like real glass.

Light, Dark and Tinted Modes

The Liquid Glass effect is apparent in both Light Mode and Dark Mode, with icons continuing to feature the same stacked glass look, just with a lighter or darker background.

Apple technically changed Light Mode to “Default Mode” in the customization settings where you can adjust color (long press on the display and tap on customize).

There are new “Always” and “Auto” toggles for enabling permanent Light or Dark styles or adjusting them based on time, and the Small and Large buttons for changing icon size have been relocated to the upper right of the customization interface.

Tinted mode looks different in iOS 26 than it did in iOS 18. Rather than icons featuring a black background with colored graphics, icons adopt the full color that you select with white graphics in Light Mode. In ‌Dark Mode‌, backgrounds are a much darker shade of the color you choose, but aren’t entirely black.

With Tinted icons, the layered glass look isn’t as obvious, but it’s still present.

Clear Icons

Apple added a “Clear” icon option in ‌iOS 26‌ that’s available alongside Default, Dark, and Tinted. As the name suggests, Clear has a dramatic Liquid Glass look with icons that are entirely transparent. The icons adopt the color of your wallpaper, with white text and designs.

There are Light and Dark options for the Clear setting. Light looks like frosted glass, while Dark looks like tinted glass. If you want to go all-in on Liquid Glass and have your ‌iPhone‌ look notably different, Clear is the option to choose.

Widgets

Widgets have some of the same aesthetic as icons, but on the whole, they don’t look too much different from how they looked in ‌iOS 18‌ in the Default mode.

With the Clear option turned on, widgets are transparent and have a more cohesive design that matches with your wallpaper.

Wallpaper

You can edit your wallpaper directly from the ‌Home Screen‌ in ‌iOS 26‌. Long press on the display and then tap on the new “Edit Wallpaper” option.

The wallpaper interface lets you change the image that you’re using on the ‌Home Screen‌, but it doesn’t affect the Lock Screen. If you have a photo set as a wallpaper, for example, you can change the color, select a gradient, or choose a photo, plus you can turn blurring for images off or on.

Wallpaper takes a starring role in ‌iOS 26‌ because it affects the color of the dock, folders, and icons, depending on your settings.

Control Center

Control Center adopts Liquid Glass, so while the functionality is the same, the general look is different. Compared to the ‌iOS 18‌ Control Center, the ‌iOS 26‌ version has depth for the icons with the Liquid Glass shifting light effect.

The icons are tinted to look like frosted glass, and some of the underlying buttons for adjusting Control Center have been tweaked with the updated look. Icons are a little larger, and some of the bar-shaped icons for volume, brightness, and other settings are rounder.

Other Home Screen Elements

The Dynamic Island, Notification Center, long press gestures, and App Library have not changed beyond aesthetics. App Library folders are translucent and the search bar is rounded, and for widgets, there is a glass look of varying intensity depending on your icon color choice.

App Library icons are also slightly larger, with less padding between them.

Web Apps

When you add a website to your ‌Home Screen‌ in ‌iOS 26‌, it always opens as a web app. Web apps were available on the ‌Home Screen‌ in ‌iOS 18‌, but web developers needed to configure them to operate as web apps.

If websites weren’t configured properly, they would open in Safari when added to the ‌Home Screen‌. Now a website will open as a dedicated web app, even if it hasn’t been explicitly set up to work that way.

There is an Open as Web App option that can be toggled off when adding a website to a ‌Home Screen‌ if you prefer that websites open up in Safari.

Read More

We have a dedicated iOS 26 roundup that goes into detail on all of the new features that are available in the update.

Tired of receiving those spam texts asking you to pay for a toll you supposedly owe? Other spam texts can be just as annoying. How many messages have you received supposedly sent from the U.S. Postal Service about a package that couldn’t be delivered because there wasn’t enough postage paid? One of the hallmarks of a successful spam campaign is a message that forces you to react emotionally instead of logically.

One example would be a text claiming to be from your bank that says it is processing a withdrawal for a large amount of money. Right away, you worry that someone was able to infiltrate your bank account so you respond to the text by revealing personal information, and find that you’ve put yourself in even more financial jeopardy.

Toggling on “Screen Unknown Senders” hides notifications about texts sent from a sender you don’t know and moves such messages to the Unknown Senders list. In a little bit, I will tell you how to access that list. The Filter Spam hides notifications related to texts considered to be spam and moves such messages to the Spam list.

Apple Messages will filter spam and texts from unknown senders in iOS 26. | Image credit-PhoneArena

Even though you won’t see notifications about texts received from unknown senders and texts considered to be spam in your main conversations page, these texts can be accessed from individual Unknown Senders and Spam lists. To see those lists, open the Messages app and tap the blue button in the top right-corner. You will see a small menu pop up. To view messages from “Unknown Senders,” press on that listing. You will see all of the texts you received from unknown senders that were hidden by the system. Do the same for “Spam” to see a list of texts considered spam that were placed in the individual Spam list.

Tapping the blue button in the upper-right corner will allow you to access four different and individual lists containing:

• Messages
• Unknown Senders
• Spam
• Recently Deleted messages

Again, this is a feature that most of you will receive with the iOS 26 release in September. Those of us who have installed the iOS 26 Developer beta have this feature now.

As AI agents grow more autonomous and influential in enterprise and operational environments, a new class of infrastructure has emerged as critical: Model Context Protocol (MCP) servers.

MCP servers help support the use of real-time data, enhancing situational awareness. Unlike traditional inference-serving models, where a stateless prompt yields a one-time response, MCP-backed agents often operate autonomously and can take actions based on new information.

As a result, many organizations are exploring MCP servers for the first time. And like any other new technology, there are implementation challenges and security issues that must be addressed.

Implementation Challenges

Implementing MCP servers presents several challenges, particularly in terms of scalability, data consistency, and model interoperability. MCP servers must deliver low-latency context access while handling rapidly evolving memory structures. Additionally, supporting multiple types of AI agents, which are often powered by different models or frameworks, requires standardized context schemas and adaptable APIs. Integration with external data sources and orchestrating context across multi-agent environments further complicates implementation, demanding careful design around performance, reliability, and modularity.

With that said, here are some of the top implementation challenges to address in any MCP implementation.

Real-Time Context Management at Scale: MCP servers must support low-latency access to large volumes of structured and unstructured data, often in a distributed setting. Organizations must decide how to prioritize retrieval performance over consistency and how to orchestrate updates without interrupting ongoing agent workflows.

Cross-Agent and Cross-Domain Complexity: In environments where multiple agents collaborate, such as when a swarm of agents coordinates logistics in real-time, MCP servers must serve context that is both shared and scoped appropriately. Improper isolation could lead to “context bleeding,” where one agent inadvertently accesses or corrupts another’s memory or instructions.

Integration with Heterogeneous AI Models: Many organizations deploy a mix of open-source, proprietary, and fine-tuned foundation models. Ensuring that MCP context formats are interoperable across diverse models requires standardized schemas, adaptable APIs, and often runtime translation layers.

Security Challenges

Giving AI agents the ability to access different data sources and act autonomously obviously introduces potential security problems. Unfortunately, malicious actors are keen to exploit these problems. Therefore, organizations need to be aware of common security issues and how to minimize their impact. To that end, some of the top issues to consider include:

Target-Rich Environment for Attackers: MCP servers house sensitive intellectual property, strategic intent, and behavioral history. A breach could allow attackers to manipulate agent decisions subtly over time, such as altering financial strategies, operational workflows, or even cybersecurity responses. This makes MCPs a prime vector for cyber risk.

Authentication and Authorization Complexity: With agents potentially spawning dynamically, authenticating identities and authorizing access to context becomes nontrivial. Fine-grained policies must distinguish between agents, tasks, users, and even temporal state, all while minimizing performance impact.

Poisoning and Context Drift: Beyond direct breaches, attackers may attempt to poison MCPs by injecting subtly corrupted data, thereby altering an agent’s behavior in ways that are hard to detect. Defending against this requires a mix of provenance tracking, anomaly detection, and possibly cryptographic signing of trusted context updates.

See also: MCP: Enabling the Next Phase of Enterprise AI

Drilling Down into MCP Security Challenges

A recent investigation by Backslash Security revealed a troubling pattern of vulnerabilities in MCP servers. The company’s analysis uncovered that hundreds of MCP instances were misconfigured, leaving them exposed to serious security risks. One of the most alarming findings, dubbed “NeighborJack,” showed that many MCP servers were bound to 0.0.0.0, meaning they were open to any device on the same local network. In environments like coworking spaces or shared office networks, this allowed potential attackers to silently connect to these servers without any authentication, hijacking agent behavior, or accessing sensitive context data.

Compounding this issue, some servers were found to permit the execution of arbitrary operating system commands. Due to poor input sanitization and unsafe subprocess handling, attackers could run dangerous commands, such as deleting files, stealing credentials, or even installing malware. In the worst cases, servers combined both vulnerabilities, allowing a complete remote takeover without any credentials or security checks.

Even more troubling is the potential for context poisoning, where manipulated data, such as phishing emails or malicious documents, could silently enter an agent’s context and influence its reasoning. The report’s findings underscore the urgent need to properly secure MCP servers by restricting access, validating input, and treating these systems as high-risk infrastructure.

The Road Ahead for MCP

Just as databases have become critical infrastructure for enterprise applications, MCPs are becoming foundational for intelligent automation. And with that rise comes the urgent need to treat them as a critical asset to protect, optimize, and audit.

As MCP servers become the backbone of multi-agent AI systems, their design and protection demand first-class architectural status. Organizations must invest in secure memory architectures, implement zero-trust principles across agent interactions, and continuously monitor for anomalies in context.

Baseus recently released a new line of Enercore wall chargers that is designed to be the ultimate travel friendly accessory while delivering enough power output to quickly charge your portable electronics. Even better, you can take advantage of some early Amazon Prime Day discounts. Currently the 67W model is on sale for Amazon Prime members for just $36.99 after you apply an additional 5% off coupon code “GOHTHZJQ“. The most unique feature of this charger is the built-in retractable USB-C cable, which saves you from bringing along yet another travel accessory.

Baseus Enercore Wall Chargers with Built-In Cable

Google Assistant is preparing to go into retirement sometime later this year, and in addition to its duties, Gemini is also ready to assume the OG assistant’s uniform.

Since its early Bard days, Gemini has maintained its blue and purple hue branding across different sections of the app. Hints about that consistent color scheme changing started emerging earlier this month, albeit in beta. Well, those hints are materializing now, with Gemini now donning Google/Google Assistant’s classic red, yellow, green, and blue color scheme.

Normally tied to the Google app, the change went live for me with the latest Google Gemini version 1.0.776555963 build, which is available now on the Play Store. If the update hasn’t rolled out to you yet, sideloading the build from APKMirror should work just fine.

Post-update, you should see a new Gemini logo in your app drawer. Well, to be precise, the logo retains its shape, but it four sides aren’t as sharp as before. More importantly, the filled color has changed to Google’s standard colors, as seen in the images below.

More changes to come

Old (left), new (right)

The Gemini logo that appears next to the “Just a sec…” text when Gemini is forming a response retains its inner blue and purple hue, albeit with a new multi-colored outer glow that’s consistent with the overall refresh. The Gemini logo on the “Switch to Gemini” boarding screen also dons the new look.

It’s worth noting that older leaks suggested that the change would also make its way to the app’s splash screen, though that hasn’t materialized in the current stable rollout. The same goes for the home-screen greeting, which was previously reported to transition from its familiar blue and purple hue to an all-blue scheme. Those changes will likely arrive in a future update, potentially closer to the disapperance of Google Assistant.

What are your first impressions of this simple color tweak? Let us know in the comments below.

Thanks: Moshe!

Despite it having upward of 61,000 reviews on Steam, Hades II isn’t actually out yet. The sequel to Supergiant Games’ hugely successful roguelite dungeon crawler has been in early access on PC for over a year, and even the early builds were extremely polished and content-rich for what is still a work-in-progress game. But we (and Switch owners) have been waiting patiently for that 1.0 release date, and it looks like it might be just around the corner, with Supergiant confirming that the latest Unseen Update is likely to be the final one ahead of the full launch.

The third major early access arrived on June 17, and was focused primarily on combat tweaks, as well as adding a new Vow of Rivals that not only made Guardian encounters tougher, but forced players to switch up their strategies for each bout. The latest patch is mainly a host of minor adjustments to existing items and abilities, as well as some balancing on the aforementioned Vow of Rivals Encounters. No more new story content or areas are due to be added ahead of the v.10 launch, with Supergiant back in June that the game’s true ending is being held back for the full release. If you’re a console player or just wanted to hold out until the game is finished, it’s probably safe to start getting excited.

That said, PlayStation and Xbox owners are going to have to wait a little longer, because while we still don’t know Hades II’s release date, we do know that the game is on PC and both the Switch and Switch 2 initially, mirroring the release roadmap of its predecessor. The developer has already assured fans that both Nintendo consoles can run the game at a smooth 60 fps, with the Switch 2 version benefiting from the console’s larger 1080p display in handheld mode.

Alienware’s Black Friday in July Sale has officially kicked off, and one of the best deals I’ve seen so far is this Alienware Aurora R16 RTX 5080 gaming PC for just $2,099.99 $1,999.99 shipped. This is $350 less than the previous best deal I’ve seen on the same configuration, and one of the best prices you can get for any prebuilt RTX 5080 gaming PC. The Alienware Aurora R16 is a well-engineered and compact gaming rig with 240mm AIO water cooling, sensible airflow design, and a generous 1,000W 80Plus Platinum rated power supply. In the current market, buying a prebuilt gaming PC is the only way to score an RTX 5080 GPU without paying an exorbitant markup. If you were to try to find a 5080 GPU for your do-it-yourself PC build, you’ll probably spend $1,400 for the graphics card alone.

Update: Price has dropped yet again from $2,099.99 to $1,999.99. This is the first time I’ve seen an Alienware RTX 5080 gaming PC priced under $2K, so get it while you can.

Alienware Aurora RTX 5080 Gaming PC From $1,999.99