Latest Privacy

The Hacker News

Hackers Breach LineageOS, Ghost, DigiCert Servers Using SaltStack Vulnerability

By Ravie Lakshmanan 04 May 2020 at 16:05

Days after cybersecurity researchers sounded the alarm over two critical vulnerabilities in the SaltStack configuration framework, a hacking campaign has already begun exploiting the flaws to breach servers of LineageOS, Ghost, and DigiCert. Tracked as CVE-2020-11651 and CVE-2020-11652, the disclosed flaws could allow an adversary to execute arbitrary code on remote servers deployed in data centers and cloud environments. The issues were fixed by SaltStack in a release published on April 29th.

Read more