Tech
Patch Tuesday: Windows 10 end of life pain for IT departments | Computer Weekly
The day Microsoft officially ended support for Windows 10 has coincided with a Patch Tuesday update, with several zero-day flaws that attackers could exploit to target the older Windows operating system.
Among these is CVE-2025-24990, which covers a legacy device driver that Microsoft has removed entirely from Windows. “The active exploitation of CVE-2025-24990 in the Agere Modem driver (ltmdm64.sys) shows the security risks of maintaining legacy components within modern operating systems,” warned Ben McCarthy, lead cyber security engineer at Immersive.
“This driver, which supports hardware from the late 1990s and early 2000s, predates current secure development practices and has remained largely unchanged for years,” he said. “Kernel-mode drivers operate with the highest system privileges, making them a primary target for attackers seeking to escalate their access.”
McCarthy said threat actors are using this vulnerability as a second stage for their operations. “The attack chain typically begins with the actor gaining an initial foothold on a target system through common methods like a phishing campaign, credential theft, or by exploiting a different vulnerability in a public-facing application,” he said.
McCarthy added that Microsoft’s decision to remove the driver entirely, rather than issue a patch, is a direct response to the risks associated with modifying unsupported, third-party legacy code. “Attempts to patch such a component can be unreliable, potentially introducing system instability or failing to address the root cause of the vulnerability completely,” he said.
In removing the driver from the Windows operating system, McCarthy said Microsoft has prioritised reducing the attack surface over absolute backward compatibility. “By removing the vulnerable and obsolete component, the potential for this specific exploit is zero,” he said. “The security risk presented by the driver was determined to be greater than the requirement to continue supporting the outdated hardware it serves.”
McCarthy said this approach demonstrates that an effective security strategy must include the lifecycle management of old code, where removal is often more definitive and secure than patching.
Another zero-day flaw that is being patched concerns the Trusted Platform Module from the Trusted Computing Group (TCG). Adam Barnett, lead software engineer at Rapid7, noted that the CVE-2025-2884 flaw concerns the TPM 2.0 reference implementation, which, under normal circumstances, is likely to be replicated in the downstream implementation by each manufacturer.
“Microsoft is treating this as a zero-day despite the curious circumstance that Microsoft is a founder member of TCG, and thus presumably privy to the discovery before its publication,” he said. “Windows 11 and newer versions of Windows Server receive patches. In place of patches, admins for older Windows products such as Windows 10 and Server 2019 receive another implicit reminder that Microsoft would strongly prefer that everyone upgrade.”
One of the patches classified as “critical” has such a profound impact that some security experts advise IT departments to patch immediately. McCarthy warned that the CVE-2025-49708 critical vulnerability in the Microsoft Graphics Component, although classed as an “elevation of privilege” security issue, has a severe real-world impact.
“It is a full virtual machine [VM] escape,” he said. “This flaw, with a CVSS score of 9.9, completely shatters the security boundary between a guest virtual machine and its host operating system.”
McCarthy urged organisations to prioritise patching this vulnerability because it invalidates the core security promise of virtualisation.
“A successful exploit means an attacker who gains even low-privilege access to a single, non-critical guest VM can break out and execute code with system privileges directly on the underlying host server,” he said. “This failure of isolation means the attacker can then access, manipulate or destroy data on every other VM running on that same host, including mission-critical domain controllers, databases or production applications.”
Waymo Is Trying to Crack Down on Solo Kids in Driverless Cars
By law, autonomous vehicles aren’t allowed to carry unaccompanied minors in California. Waymo, Alphabet’s self-driving car company, doesn’t allow kids under 18 to ride alone anywhere outside of metro Phoenix, Arizona. But that hasn’t stopped some time-strapped parents from using their own accounts to transport their kids to school, extracurricular activities, and even social outings. Some have reported that the lack of drivers makes them feel safer.
Waymo is working to crack down on the practice, the company confirmed Friday, after reports of new mid-ride age-verification checks began to float around on social media. The company has “policies in place” to help it identify violations of its terms of service, Waymo spokesperson Chris Bonelli wrote in a statement to WIRED. “We are continuing to refine our system and processes for accuracy over time.” Violating its terms of service can lead to temporary or permanent suspension of an account, Waymo says.
The company uses cameras inside its cars to check that riders aren’t violating its rules. Its privacy policy notes that the company records video inside the vehicle during trips. Waymo says its support workers “may review video under certain circumstances,” and, “in more urgent circumstances,” access live video during a trip. The company says it does not use facial recognition or “other biometric identification technologies” to identify individuals.
The news comes a month after several California labor groups, including the California Gig Workers Union, filed a formal complaint with a state regulatory agency, accusing Waymo of violating the terms of its permit to operate in the state by knowingly transporting unaccompanied minors. The matter was assigned to a judge this week. The state is evaluating new rules that could allow solo riders under 18 in driverless cars, perhaps patterned after a program that permits ride-hail companies with human drivers to transport minors in California.
So far, several fresh-faced adults have been caught in the crossfire. On Tuesday, San Francisco machine learning engineer Nicholas Fleischhauer was about five minutes into his Waymo ride when the car connected him to support. A voice came over the line asking Fleischhauer to verify his age. He told the worker the truth: He’s 35. “I had messy and wet hair, and a backpack on me,” he says, by way of explaining why he might have been flagged by Waymo’s system. Plus, “people have told me that I look young for my age.” Fleischhauer says he takes Waymo weekly, but this marked the first time he had been asked about his age.
Since last summer, Waymo has allowed parents in the Phoenix area to set up teen accounts for riders ages 14 to 17. The accounts allow the teen riders’ adults to track their real-time locations during their trips. Waymo says a specially trained team of support agents deals with any issues its teen riders might have. Waymo says that “hundreds” of Phoenix families use the service each week.
In Waymo’s other markets across the US, adults are allowed to ride with guests under 18, though children under 8 must be in a secured car or booster seat.
Ethan S. Klein is 23, but his 26th LA Waymo ride on Thursday—plus the music he was listening to—was interrupted by an in-car call from a support agent who asked him, for the first time, to verify his birth date. Klein is an adult, but his first impulse was almost teen-like. “I was a little startled,” he says. “I thought I was in trouble!”
Dangerous New Linux Exploit Gives Attackers Root Access to Countless Computers
Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe compromises inside data centers and on personal devices.
The vulnerability and the code that exploits it were released Wednesday evening by researchers from security firm Theori, five weeks after they privately disclosed it to the Linux kernel security team. The team patched the vulnerability in versions 7.0, 6.19.12, 6.18.12, 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254, but few of the Linux distributions had incorporated those fixes at the time the exploit was released.
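For defenders triaging a fleet, the version list above can be turned into a first-pass check. The following is an added example, not code from Theori or the kernel team; the status names and the `triage` function are hypothetical, and it assumes mainline releases after 7.0 also carry the fix.

```python
import platform
import re

# Upstream releases the article lists as carrying the fix, keyed by
# (major, minor) stable series -> first fixed patch level in that series.
FIXED = {
    (7, 0): 0, (6, 19): 12, (6, 18): 12, (6, 12): 85,
    (6, 6): 137, (6, 1): 170, (5, 15): 204, (5, 10): 254,
}

# Matches "6.1.170", "5.15.0-105-generic", "7.0.0-rc3", ...
_REL = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(-rc\d+)?")


def triage(release: str) -> str:
    """Classify a `uname -r` string against the listed upstream fixes.

    This is a triage signal, not a verdict: distribution kernels often
    freeze the version string (Debian 12 reports 6.1.0-N) and backport
    fixes, so "below-listed-fix" means "check the distro advisory",
    and "fixed-upstream" only holds for kernels that track upstream.
    """
    m = _REL.match(release.strip())
    if not m:
        return "unparseable"
    major, minor = int(m.group(1)), int(m.group(2))
    patch = int(m.group(3) or 0)
    final = 0 if m.group(4) else 1          # release candidates sort before the release
    series = (major, minor)
    if series in FIXED:
        if (patch, final) >= (FIXED[series], 1):
            return "fixed-upstream"
        return "below-listed-fix"
    if series > (7, 0):                      # assumption: later mainline inherits the fix
        return "fixed-upstream"
    return "series-not-listed"               # no fixed release named for this series


if __name__ == "__main__":
    # Constructed sample strings, followed by the running kernel.
    for rel in ["6.12.85", "5.15.0-105-generic", "6.8.0-45-generic",
                "7.0.0-rc3", platform.release()]:
        print(f"{rel:28} {triage(rel)}")
```

A `series-not-listed` or `below-listed-fix` result on a distribution kernel should be resolved against the vendor's advisory for CVE-2026-31431, since the package changelog, not the version string, shows whether the fix was backported.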
A Single Script to Hack Them All
The critical flaw, tracked as CVE-2026-31431 and named CopyFail, is a local privilege escalation, a vulnerability class that allows unprivileged users to elevate themselves to administrators. CopyFail is particularly severe because it can be exploited with a single piece of exploit code—released in Wednesday’s disclosure—that works across all vulnerable distributions with no modification. With that, an attacker can, among other things, hack multi-tenant systems, break out of containers based on Kubernetes or other frameworks, and create malicious pull requests that pipe the exploit code through CI/CD workflows.
“‘Local privilege escalation’ sounds dry, so let me unpack it,” researcher Jorijn Schrijvershof wrote Thursday. “It means: An attacker who already has some way to run code on the machine, even as the most boring unprivileged user, can promote themselves to root. From there they can read every file, install backdoors, watch every process, and pivot to other systems.”
Schrijvershof added that the same Python script Theori released works reliably for Ubuntu 22.04, Amazon Linux 2023, SUSE 15.6, and Debian 12. The researcher continued:
Why does that matter on shared infrastructure? Because “local” covers a lot of ground in 2026: every container on a shared Kubernetes node, every tenant on a shared hosting box, every CI/CD job that runs untrusted pull-request code, every WSL2 instance on a Windows laptop, every containerised AI agent given shell access. They all share one Linux kernel with their neighbors. A kernel LPE collapses that boundary.
The realistic threat chain looks like this. An attacker exploits a known WordPress plugin vulnerability and gets shell access as www-data. They run the copy.fail PoC. They are now root on the host. Every other tenant is suddenly reachable, in the way I walked through in this hack post-mortem. The vulnerability does not get the attacker onto the box; it changes what happens in the next ten seconds after they land there.
The vulnerability stems from a “straight-line” logic flaw in the kernel’s crypto API. Many exploits that target race conditions and memory corruption flaws don’t consistently succeed across kernel versions or distributions, and sometimes not even on the same machine. Because the code released for CopyFail exploits a logic flaw, “reliability isn’t probabilistic, and the same script works across distributions,” researchers from Bugcrowd wrote. “No race window, no kernel offset.”
CopyFail gets its name because the authencesn AEAD template process (used for IPsec extended sequence numbers) doesn’t actually copy data when it should. Instead, it “uses the caller’s destination buffer as a scratch pad, scribbles 4 bytes past the legitimate output region, and never restores them,” Theori said. “The ‘copy’ of the AAD ESN bytes ‘fails’ to stay inside the destination buffer.”
The Worst Linux Vulnerability in Years
Other security experts echoed the perspective that CopyFail poses a serious threat, with one saying it’s the “worst make-me-root vulnerabilities in the kernel in recent times.”
The most recent such Linux vulnerabilities were Dirty Pipe in 2022 and Dirty Cow in 2016. Both of those vulnerabilities were actively exploited in the wild.
You Found Satoshi? Let’s See the Receipts
Two new projects, including one from a Pulitzer-winning reporter, claim they’ve solved the mystery of Bitcoin’s creator. So why does the hunt continue?
