security

CVE-2026-31431, discovered by Theori using its AI scanner Xint Code, lets unprivileged users root Ubuntu, Amazon Linux, RHEL, and SUSE through a logic flaw in the kernel's crypto subsystem.

GitLab's April 16 release graduates a security agent that opens ready-to-merge fixes for confirmed SAST findings, ships a beta CI pipeline agent and a generally available analytics agent, and gives administrators enforceable monthly caps on Duo Agent Platform credits.

GitLab's April release adds a CI Expert Agent that generates pipelines from repository analysis, moves Agentic SAST vulnerability resolution to GA, and delivers natural-language DevOps analytics.

pnpm 11's release candidate ships minimumReleaseAge=1 day, blockExoticSubdeps, and strictDepBuilds as defaults, baking lessons from the March 2026 Trivy and axios attacks into the package manager itself.

Kubernetes v1.36, releasing April 22, brings accelerated SELinux volume labelling to GA, expands Dynamic Resource Allocation for AI hardware, and permanently removes the insecure gitRepo volume driver.

A test aboard the research vessel Haiyang Dizhi 2 demonstrated a compact, self-contained actuator capable of cutting undersea structures more than two miles down, raising fresh concerns about the resilience of the cables that carry 95 percent of intercontinental internet traffic.

Raspberry Pi OS 6.2 tightens security by requiring a password for sudo commands on new installations and replaces PulseAudio with PipeWire across the desktop stack.

The Bytecode Alliance patches 12 Wasmtime flaws, two critical, found during a three-week LLM-assisted security sprint by Mozilla, UCSD, Akamai, and F5.

A Google Quantum AI whitepaper shows fewer than 500,000 qubits could break elliptic curve cryptography in minutes, a 20-fold improvement over prior estimates that accelerates the post-quantum migration timeline.

The CNCF incubating project ships runtime threat detection powered by CEL-based rules, a centralized security metadata store, and the first open-source controls for auditing AI agent configurations in Kubernetes clusters.

Oracle ends security patches for MySQL 8.0 on April 30, leaving 58 percent of monitored instances on an unsupported version with no fix path for new vulnerabilities.

Ubuntu 26.04 LTS enters beta on March 26, shipping Rust-based coreutils and sudo, GNOME 50 without X11, post-quantum SSH, and AMD ROCm in official repositories.