Security Researchers Create Proof-of-Concept Program that Evades Linux Syscall-Watching Antivirus
Slashdot reader Mirnotoriety shared this report from the Register: A proof-of-concept program has been released to demonstrate a so-called monitoring "blind spot" in how some Linux antivirus and other endpoint protection tools use the kernel's io_uring interface.
That interface allows applications to make IO requests without using traditional system calls [to enhance performance by enabling asynchronous I/O operations between user space and the Linux kernel through shared ring buffers]. That's a