DDoS Attack Disrupts Ubuntu and Canonical Servers Amid Critical Linux Vulnerability Disclosure

• May 3, 2026

Ubuntu and its parent company Canonical are currently experiencing significant service outages due to a sustained distributed denial-of-service (DDoS) attack. The disruption has persisted for over 48 hours, severely impacting the companies’ ability to distribute critical security patches to users.

Security Update Distribution Hindered by Attack

The attack struck shortly after security researchers revealed a severe vulnerability in the Linux kernel, accompanied by publicly released exploit code. This timing has raised concerns about the potential for widespread exploitation of the flaw before patches can be fully deployed.

Canonical’s servers, which normally serve as the primary source for Ubuntu updates, have been unavailable since the attack began. As a result, essential security fixes intended to address the kernel vulnerability are currently not being distributed through official channels. While users are still able to receive updates via mirror sites, the absence of direct access to Ubuntu’s main servers poses a risk for delays and inconsistencies in patch rollout.

The pro-Iranian hacker group has claimed responsibility for the DDoS offensive, though details regarding their motives or demands have not been disclosed. The attack underscores the ongoing risk that threat actors pose to open-source infrastructure and highlights the challenges of maintaining secure update mechanisms in the face of targeted cyberattacks.

Canonical has yet to announce a timeline for restoring full service or providing additional details about mitigation efforts. Meanwhile, Linux users dependent on Ubuntu installations are advised to monitor mirror repositories and stay vigilant for further developments regarding the security vulnerability.

This incident serves as a reminder of the critical importance of timely patch distribution to protect large-scale open-source ecosystems from emerging threats. The ongoing disruption could potentially impact enterprise and individual users who rely heavily on Ubuntu’s security updates to safeguard their systems.

Ubuntu and Canonical servers are offline for a second day following a DDoS attack coinciding with disclosure of a major Linux kernel flaw.