Ubuntu’s core infrastructure has been offline for over 24 hours, taking down sites like security.ubuntu.com, developer.ubuntu.com, and the Ubuntu Security API. The outage began shortly after researchers published exploit code that lets untrusted users gain full root access on servers running most Linux distributions, including Ubuntu. Mirror sites continue to serve updates, and the Ubuntu Cloud dashboard remains inaccessible.

The downtime crippled Canonical’s ability to push security guidance to affected administrators, forcing them to rely on third‑party mirrors and community channels. With the vulnerability affecting data centers and university labs, the lack of communication raises the risk of widespread compromise. The attack also targeted Canonical’s Maas.io service, disrupting automated provisioning for enterprise customers. DDoS‑as‑a‑service groups, called stressor sites, are suspected of driving the attack.

Despite DDoS protection services—some free—Ubuntu’s servers remain unreachable, and no clear reason has emerged for the prolonged failure. Researchers warned the exploit grants root exploit control across virtually all Linux flavors, making timely patches essential. Enterprises monitoring the outage report increased ticket volume as they scramble to verify patch status across fleets. Until Canonical restores its endpoints, the community stays the primary source of security information.