devtake.dev — WizArticles on devtake.dev covering Wiz.https://devtake.dev/en-usA nine-year-old Linux kernel bug gives root in one command. No patch exists yet.https://devtake.dev/article/linux-dirty-frag-kernel-privilege-escalation/https://devtake.dev/article/linux-dirty-frag-kernel-privilege-escalation/Dirty Frag chains two page-cache flaws in the ESP and RxRPC subsystems into a deterministic privilege escalation that hits every major distro. A PoC exploit is public.Sun, 10 May 2026 10:00:00 GMTsecuritysecuritylinuxkernelcve-2026-43284privilege-escalationzero-daydirty-fragluca-reinhardtWiz found an RCE in GitHub's git-push pipeline. The patch shipped in six hours.https://devtake.dev/article/github-rce-cve-2026-3854-wiz/https://devtake.dev/article/github-rce-cve-2026-3854-wiz/CVE-2026-3854 is a CVSS 8.7 RCE in GitHub's git-push pipeline. github.com fixed it within hours. 88% of Enterprise Server installs were still vulnerable at disclosure.Wed, 29 Apr 2026 09:05:00 GMTsecuritygithubsecuritycve-2026-3854rcesupply-chainwizgithub-actionsdev-toolsluca-reinhardtTrivy got hijacked: 75 of 76 version tags rewrote to drop a CI secret-stealerhttps://devtake.dev/article/trivy-supply-chain-attack-compromise/https://devtake.dev/article/trivy-supply-chain-attack-compromise/Attackers force-pushed 75 of 76 trivy-action tags to a malicious commit. Pinning by tag turned a trusted scanner into an infostealer for CI pipelines.Sat, 18 Apr 2026 08:30:00 GMTsecuritysupply-chaintrivyaqua-securitygithub-actionscicddevsecopsteampcpluca-reinhardt