https://cybercrime.club/tags/qualys/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usSat, 16 May 2026 23:09:06 -0400https://cybercrime.club/posts/ssh-keysign-pwn-cve-2026-46333-linux-kernel-ptrace-race/Sat, 16 May 2026 23:09:06 -0400https://cybercrime.club/posts/ssh-keysign-pwn-cve-2026-46333-linux-kernel-ptrace-race/Qualys disclosed a six-year-old logic flaw in __ptrace_may_access that lets any local user race ssh-keysign and chage out of their host keys and shadow file. Public PoC works out of the box on Debian, Ubuntu, Arch, and the EL9/EL10 families. Patch or set kernel.yama.ptrace_scope=2 now.vulnerabilities