News

BlockBeats News, May 9th. "Copy Fail" is a recently exposed Linux kernel local privilege escalation vulnerability, affecting a large number of mainstream Linux distributions since 2017. Researchers say that after gaining ordinary user privileges, an attacker can swiftly obtain root superuser privileges using about 10 lines of Python code. The United States Cybersecurity and Infrastructure Security Agency (CISA) has included the vulnerability in the "Known Exploited Vulnerabilities" list. As much of the cryptographic infrastructure relies on Linux, including exchanges, validation nodes, mining pools, hosted wallets, and cloud-based trading systems, the vulnerability has attracted significant attention in the crypto industry. Analysis indicates that once an attacker exploits the vulnerability to compromise relevant servers, they may further steal private keys, control validation nodes, gain administrator privileges, or even launch ransomware attacks. While the vulnerability itself does not directly impact blockchain protocols, if the underlying Linux system is compromised, it could still pose severe operational and financial risks to the crypto ecosystem. Industry experts also warn that with the enhancement of AI-assisted vulnerability discovery capabilities, similar underlying security issues may be discovered and weaponized more rapidly in the future, raising the crypto industry's reliance risk on server and operating system security.

ChainCatcher reports that South Korea plans to impose a 22% tax on virtual asset gains exceeding 2.5 million won starting next year, and officials have confirmed the timeline will proceed as scheduled.

CME Group plans to launch Bitcoin volatility futures on June 1, and is currently awaiting regulatory approval. This will provide investors with a way to bet on the magnitude of price fluctuations.