Theori
Coverage of Theori in the Nexus archive.
- Attackers are cashing in on fresh 'CopyFail' Linux flaw
A newly-disclosed Linux kernel bug called 'CopyFail' is being exploited, allowing low-level users to gain full control of a system. The bug, tracked as CVE-2026-31431, was disclosed by cybersecurity consultancy Theori and has been added to the CISA's Known Exploited Vulnerabilities catalog. Federal agencies have been ordered to patch within two weeks.
- ‘Copy Fail’ is a real Linux security crisis wrapped in AI slop
A Linux vulnerability known as 'Copy Fail' is being actively exploited, allowing attackers to gain total control of a system with authenticated local access. The vulnerability was discovered by Theori using AI and affects Linux kernels built since 2017. Patches have been issued for major Linux distributions.
- CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
CISA has warned that threat actors are exploiting the Copy Fail Linux security vulnerability, which was disclosed by Theori researchers along with a proof-of-concept exploit. This vulnerability allows attackers to root Linux systems. The warning came one day after the disclosure.
- Severe Linux Copy Fail security flaw uncovered using AI scanning help
A severe security vulnerability named 'Copy Fail' (CVE-2026-31431) has been discovered in nearly all Linux distributions since 2017, allowing users to escalate privileges to administrator level via a Python script. The exploit, uncovered by security firm Theori, requires no distribution-specific adjustments and poses a significant risk due to its stealthy nature, as highlighted by Ars Technica and DevOps engineer Jorijn Schrijvershof.
- The most severe Linux threat to surface in years catches the world flat-footed
A critical local privilege escalation vulnerability named CopyFail (CVE-2026-31431) has been publicly exploited, allowing root access to nearly all Linux versions. Theori, a security firm, disclosed the flaw after notifying the Linux kernel security team, but many distributions had not yet applied patches, leaving systems vulnerable to breaches in data centers and personal devices.
- New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
A high-severity Linux local privilege escalation vulnerability, dubbed Copy Fail (CVE-2026-31431) with a CVSS score of 7.8, allows unprivileged users to gain root access by manipulating the page cache of readable files. The flaw was disclosed by cybersecurity researchers from Xint.io and Theori.