Cybersecurity News in Asia

Features
- Featured
  
  Agentic RAG: Key to turning APAC’s AI pilots into profits?
  
  Tuesday, May 19, 2026, 2:15 PM Asia/Singapore | Features
- Featured
  
  How a Vietnamese D2C retailer built its own secure digital infrastructure
  
  Monday, May 18, 2026, 2:21 PM Asia/Singapore | Case Study, Features
- Featured
  
  Are AI-powered cyber threats evolving faster than courts and police can adapt?
  
  Monday, May 11, 2026, 8:30 AM Asia/Singapore | Features
Opinions
Tips
Whitepapers
AWARDS 2026
Directory
E-Learning

Qualys Threat Research Unit discovers “CrackArmor”

By CybersecAsia editors | Wednesday, March 18, 2026, 8:00 AM Asia/Singapore

Nine vulnerabilities that can be exploited since 2017, putting millions of Linux systems in danger.

The Qualys Threat Research Unit (TRU) has recently discovered “CrackArmor”, a set of nine vulnerabilities within AppArmor, a widely used security module in the Linux kernel.

These flaws have left over 12 million enterprise systems running Ubuntu, Debian, and SUSE distributions exposed since 2017, enabling local attackers to gain full root access, execute container breakouts, and cause system-wide crashes.

The CrackArmor vulnerabilities exploit a “confused deputy” flaw, which manipulates a trusted, higher-privilege program into misusing its authority. Attackers can trick system processes into performing malicious actions on their behalf, effectively bypassing security controls to gain unauthorized access or escalate privileges without needing administrative credentials.

The discovery highlights a significant risk across numerous sectors. Industries most impacted include cloud computing, banking and finance, manufacturing, healthcare, and government.

“These discoveries highlight critical gaps in how we rely on default security assumptions,” said Dilip Bachwani, Chief Technology Officer, Qualys. “CrackArmor proves that even the most entrenched protections can be bypassed without admin credentials. For CISOs, this means patching alone isn’t enough; we must re-examine our entire assumption of what ‘default’ configurations mean for our infrastructure.”

Qualys researchers have determined that the only reliable method to mitigate the CrackArmor vulnerabilities is through immediate kernel patching. Organizations are urged to apply the necessary security updates to protect their systems from potential exploitation.

In keeping with the responsible disclosure process, the Qualys TRU team coordinated and communicated with upstream maintainers for several months to ensure that fixes were robust and stable across all Linux distributions prior to public release.

CybersecAsia understands that the Linux community is working to address these critical security issues.

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper

Middle-sidebar-banner

Case Studies

How a Vietnamese D2C retailer built its own secure digital infrastructure
Would your organization build your own digital infrastructure – including AI governance and cybersecurity – …Read more
Cyber protection for medical clinics in Singapore
As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
India’s WazirX strengthens governance and digital asset security
Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
Bangladesh LGED modernizes communication while addressing data security concerns
To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more

Bottom sidebar

Other News

Nexusguard Releases 2025 DDoS Threat Analysis and Industry Perspectives Report
Tuesday, May 19, 2026
Designed to inform enterprise security …Read More »
SU Group Launches Expanded AI Security Offering to Meet Surging Global Demand
Monday, May 18, 2026
HONG KONG, May 18, 2026 …Read More »
Cohesity Expands Strategic Alliance with HPE to Deliver Industry-Leading Cyber Resilience, Data Protection, and Hybrid Cloud Solutions
Saturday, May 16, 2026
SINGAPORE, May 15, 2026 /PRNewswire/ …Read More »
SwitchBot Launches Lock Vision Series, the World’s First Smart Deadbolt Locks with 3D Structured-Light Facial Recognition
Friday, May 15, 2026
TOKYO, May 15, 2026 /PRNewswire/ …Read More »
SU Group Announces Pricing of $6 Million Public Offering
Tuesday, May 12, 2026
HONG KONG, May 12, 2026 …Read More »

Cybersecurity News in Asia

Featured

Agentic RAG: Key to turning APAC’s AI pilots into profits?

Featured

How a Vietnamese D2C retailer built its own secure digital infrastructure

Featured

Are AI-powered cyber threats evolving faster than courts and police can adapt?

Qualys Threat Research Unit discovers “CrackArmor”

Related Posts

Leave a reply Cancel reply

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Middle-sidebar-banner

Case Studies

Bottom sidebar

Other News