Cybersecurity & InfoSec

👀 New Linux Rootkit Exploits io_uring, Evades Detection

ARMO’s Curing rootkit uses io_uring to bypass system call monitoring—Falco, Tetragon, and even Microsoft Defender can’t see it.

Attackers can run commands without triggering system calls.

Read →

👀 New Linux Rootkit Exploits io_uring, Evades Detection

ARMO’s Curing rootkit uses io_uring to bypass system call monitoring—Falco, Tetragon, and even Microsoft Defender can’t see it.

Attackers can run commands without triggering system calls.

Read → https://thehackernews.com/2025/04/linux-iouring-poc-rootkit-bypasses.html