Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools

Updated on April 24, 2025

Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring.
This causes a “major blind spot in Linux runtime security tools,” ARMO said.
“This mechanism allows a user application to perform various actions without using system calls,” the company said in…

Read the rest of the story at Read More

Source: The Hacker News

September 9, 2024 Uncategorized

TIDRONE Espionage Group Targets Taiwan D...

July 29, 2024 Uncategorized

‘Stargazer Goblin’ Creates 3...

October 23, 2024 Uncategorized

Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools

Related posts

TIDRONE Espionage Group Targets Taiwan D...

‘Stargazer Goblin’ Creates 3...

Researchers Reveal ‘Deceptive Deli...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines