Arbitrary code execution breaking sandboxes in KDE Plasma | Kimiblock's Blog
Ubuntu Desktop 26.10 "Stonking Stingray" Roadmap: Building toward Ubuntu 28.04 LTS
Linux Kernel Adds Documentation For What Qualifies As A Security Bug, Responsible AI Use
pocs/fragnesia-5db89c99566fc - variant of our Fragnesia bug (CVE-2026-46300) that bypasses the merged fix
Behind the Scenes Hardening Firefox with Claude Mythos Preview – Mozilla Hacks - the Web developer blog
Behind the Scenes Hardening Firefox with Claude Mythos Preview – Mozilla Hacks - the Web developer blog
Certainly an interesting vulnerability, but one you shouldn't worry about.
If you do really care about sandbox security, the first thing I would recommend doing is globally blocking filesystem access to anywhere in your $HOME that runs script code, such as:
I have a script that I use to control flatpak overrides and I do something like this:
# paths to block GLOBAL_RESTRICTION_PATHS=( "~/.bash_logout" "~/.bash_profile" "~/.bashrc" "~/.profile" "~/.ssh" "~/.zshenv" "xdg-config/zsh" "~/.local/bin" "xdg-config/systemd" ) # globally block these paths for path in "${GLOBAL_RESTRICTION_PATHS[@]}"; do flatpak --user override --nofilesystem="$path" done # but allow some apps like text editors to access them for path in "${GLOBAL_RESTRICTION_PATHS[@]}"; do flatpak --user override --filesystem="$path" org.gnome.TextEditor done