Cybersecurity News in Asia

Features
- Featured
  
  Physical and digital security converge in APAC
  
  Monday, April 6, 2026, 2:22 PM Asia/Singapore | Features
- Featured
  
  Agentic AI: The next great productivity hack or the ultimate security nightmare of 2026?
  
  Wednesday, March 18, 2026, 3:00 PM Asia/Singapore | Features, Newsletter
- Featured
  
  Misconfigured AI: Hype or real threat to APAC Infrastructure?
  
  Monday, March 16, 2026, 7:36 PM Asia/Singapore | Features, Tips
Opinions
Tips
Whitepapers
Awards 2025
Directory
E-Learning

Qualys Threat Research Unit discovers “CrackArmor”

By CybersecAsia editors | Wednesday, March 18, 2026, 8:00 AM Asia/Singapore

Nine vulnerabilities that can be exploited since 2017, putting millions of Linux systems in danger.

The Qualys Threat Research Unit (TRU) has recently discovered “CrackArmor”, a set of nine vulnerabilities within AppArmor, a widely used security module in the Linux kernel.

These flaws have left over 12 million enterprise systems running Ubuntu, Debian, and SUSE distributions exposed since 2017, enabling local attackers to gain full root access, execute container breakouts, and cause system-wide crashes.

The CrackArmor vulnerabilities exploit a “confused deputy” flaw, which manipulates a trusted, higher-privilege program into misusing its authority. Attackers can trick system processes into performing malicious actions on their behalf, effectively bypassing security controls to gain unauthorized access or escalate privileges without needing administrative credentials.

The discovery highlights a significant risk across numerous sectors. Industries most impacted include cloud computing, banking and finance, manufacturing, healthcare, and government.

“These discoveries highlight critical gaps in how we rely on default security assumptions,” said Dilip Bachwani, Chief Technology Officer, Qualys. “CrackArmor proves that even the most entrenched protections can be bypassed without admin credentials. For CISOs, this means patching alone isn’t enough; we must re-examine our entire assumption of what ‘default’ configurations mean for our infrastructure.”

Qualys researchers have determined that the only reliable method to mitigate the CrackArmor vulnerabilities is through immediate kernel patching. Organizations are urged to apply the necessary security updates to protect their systems from potential exploitation.

In keeping with the responsible disclosure process, the Qualys TRU team coordinated and communicated with upstream maintainers for several months to ensure that fixes were robust and stable across all Linux distributions prior to public release.

CybersecAsia understands that the Linux community is working to address these critical security issues.

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper

Middle-sidebar-banner

Case Studies

Cyber protection for medical clinics in Singapore
As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
India’s WazirX strengthens governance and digital asset security
Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
Bangladesh LGED modernizes communication while addressing data security concerns
To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more
What AI worries keep members of the Association of Certified Fraud Examiners sleepless?
This case study examines how many anti-fraud professionals reported feeling underprepared to counter rising AI-driven …Read more

Bottom sidebar

Other News

Hong Kong Anti-graft Watchdog: Clean Governance and Ethical Business is Key to Hong Kong’s Sustainable Business Development
Thursday, April 9, 2026
HONG KONG, April 9, 2026 …Read More »
Goodix Launches the World’s First eSE Solution Designed for AI Agents
Thursday, April 9, 2026
SHENZHEN, China, April 8, 2026 …Read More »
LRQA Amplifies Industrial and Cyber Resilience in APAC at CS4CA Summit 2026
Thursday, April 9, 2026
SINGAPORE, April 8, 2026 /PRNewswire/ …Read More »
MegazoneCloud Achieves Profitability Turnaround with $1.16 Billion Revenue in 2025
Thursday, April 9, 2026
Revenue grows 28% YoY… EBITDA …Read More »
Taoping Expands Smart Elevator Services Business with New Orders Exceeding US$3 Million
Wednesday, April 8, 2026
TIANJIN, China, April 8, 2026 …Read More »

Cybersecurity News in Asia

Featured

Physical and digital security converge in APAC

Featured

Agentic AI: The next great productivity hack or the ultimate security nightmare of 2026?

Featured

Misconfigured AI: Hype or real threat to APAC Infrastructure?

Qualys Threat Research Unit discovers “CrackArmor”

Related Posts

Leave a reply Cancel reply

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Middle-sidebar-banner

Case Studies

Bottom sidebar

Other News