Linux “ssh-keysign-pwn” Flaw Exposing Critical Authentication Files

A newly disclosed Linux kernel vulnerability, dubbed “ssh-keysign-pwn” by Qualys researchers, exposes millions of Linux systems to unauthorized access to sensitive SSH private keys and hashed passwords stored in /etc/shadow. Tracked as CVE-2026-46333 and GHSA-pm8f-4p6p-6×53, the flaw has existed undetected for approximately six years and was…

IT Security News Daily Summary 2026-05-15

133 posts were published in the last hour 21:32 : The Department of Know: GemStuffer attack, AI SBOMs, and AI-created zero-days 21:2 : The Next Cybersecurity Challenge May Be Verifying AI Agents 19:5 : IT Security News Hourly Summary 2026-05-15…