Skip to content
The Nexus
DossierENTITY

Theori

Coverage of Theori in the Nexus archive.

Earliest in view: Apr 30 · 09:24 UTCMost recent: May 5 · 15:01 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 5 · 15:01 UTCTHE REGISTER
    Attackers are cashing in on fresh 'CopyFail' Linux flaw

    A newly-disclosed Linux kernel bug called 'CopyFail' is being exploited, allowing low-level users to gain full control of a system. The bug, tracked as CVE-2026-31431, was disclosed by cybersecurity consultancy Theori and has been added to the CISA's Known Exploited Vulnerabilities catalog. Federal agencies have been ordered to patch within two weeks.

  • SECURITYMay 4 · 21:54 UTCCYBERSCOOP
    ‘Copy Fail’ is a real Linux security crisis wrapped in AI slop

    A Linux vulnerability known as 'Copy Fail' is being actively exploited, allowing attackers to gain total control of a system with authenticated local access. The vulnerability was discovered by Theori using AI and affects Linux kernels built since 2017. Patches have been issued for major Linux distributions.

  • SECURITYMay 4 · 11:28 UTCBLEEPING COMPUTER
    CISA says ‘Copy Fail’ flaw now exploited to root Linux systems

    CISA has warned that threat actors are exploiting the Copy Fail Linux security vulnerability, which was disclosed by Theori researchers along with a proof-of-concept exploit. This vulnerability allows attackers to root Linux systems. The warning came one day after the disclosure.

  • SECURITYMay 1 · 16:55 UTCTHE VERGE
    Severe Linux Copy Fail security flaw uncovered using AI scanning help

    A severe security vulnerability named 'Copy Fail' (CVE-2026-31431) has been discovered in nearly all Linux distributions since 2017, allowing users to escalate privileges to administrator level via a Python script. The exploit, uncovered by security firm Theori, requires no distribution-specific adjustments and poses a significant risk due to its stealthy nature, as highlighted by Ars Technica and DevOps engineer Jorijn Schrijvershof.

  • SECURITYApr 30 · 20:20 UTCARS TECHNICA
    The most severe Linux threat to surface in years catches the world flat-footed

    A critical local privilege escalation vulnerability named CopyFail (CVE-2026-31431) has been publicly exploited, allowing root access to nearly all Linux versions. Theori, a security firm, disclosed the flaw after notifying the Linux kernel security team, but many distributions had not yet applied patches, leaving systems vulnerable to breaches in data centers and personal devices.

  • SECURITYApr 30 · 09:24 UTCTHE HACKER NEWS
    New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

    A high-severity Linux local privilege escalation vulnerability, dubbed Copy Fail (CVE-2026-31431) with a CVSS score of 7.8, allows unprivileged users to gain root access by manipulating the page cache of readable files. The flaw was disclosed by cybersecurity researchers from Xint.io and Theori.

Theori · Dossier · The Nexus