Vulnerability Cybersecurity News

PCAPGraph: Threat Hunting at the Speed of Triage

PCAPGraph: Threat Hunting at the Speed of Triage

PCAPGraph is an open-source network investigation and threat hunting tool that transforms packet cap...

Open-Source Network Discovery & Topology Mapping

Open-Source Network Discovery & Topology Mapping

RedSide Security has open-sourced NETMAPPER, a network discovery and visualization tool designed to ...

 RDPGraph: Turn Windows Event Logs into an Interactive RDP Attack Graph

RDPGraph: Turn Windows Event Logs into an Interactive RDP Attack Graph

When an incident unfolds and all you have left are Windows event logs, understanding attacker moveme...

Latest Posts

Critical "wp2shell" WordPress Core RCE Vulnerability Puts 500M+ Sites at Risk

Critical "wp2shell" WordPress Core RCE Vulnerability Puts 500M+ Sites at Risk

RedSide Security July 18, 2026 Vulnerability 3 views

A critical WordPress Core vulnerability dubbed wp2shell allows unauthenticated attackers to achieve remote code execution on affected websites without requiring plugins or user credentials. WordPress has released emergency patches and is force-pushing updates to vulnerable installations worldwide.

Continue reading: Critical "wp2shell" WordPress Core RCE Vulnerabili…
Citrix Secure Access Client Flaws Allow SYSTEM Privilege Escalation on Windows Endpoints

Citrix Secure Access Client Flaws Allow SYSTEM Privilege Escalation on Windows Endpoints

RedSide Security July 18, 2026 Vulnerability 2 views

Cloud Software Group has patched two vulnerabilities affecting Citrix Secure Access Client and Endpoint Analysis Client for Windows, including CVE-2026-53565, a high-severity privilege escalation flaw that allows low-privileged users to gain full SYSTEM access. Organizations are urged to upgrade immediately.

Continue reading: Citrix Secure Access Client Flaws Allow SYSTEM Pri…
F5 Discloses High-Severity NGINX Vulnerabilities, Including Potential RCE Flaw

F5 Discloses High-Severity NGINX Vulnerabilities, Including Potential RCE Flaw

RedSide Security July 16, 2026 Vulnerability 11 views

F5 has released patches for three vulnerabilities affecting NGINX Plus and NGINX Open Source, including a critical heap buffer overflow (CVE-2026-42533) that may enable remote code execution. Organizations using NGINX web servers, ingress controllers, or gateway products should patch immediately and review affected configurations.

Continue reading: F5 Discloses High-Severity NGINX Vulnerabilities, …
 Jscrambler npm Package Compromised - Malicious Releases Deploy Cross-Platform Infostealer

Jscrambler npm Package Compromised - Malicious Releases Deploy Cross-Platform Infostealer

RedSide Security July 13, 2026 Vulnerability 28 views

Attackers compromised the Jscrambler npm package and published multiple malicious versions containing a cross-platform Rust infostealer. The malware targets cloud credentials, GitHub tokens, AI coding tools, cryptocurrency wallets, and CI/CD environments, highlighting the growing risk of software supply chain attacks against developers.

Continue reading: Jscrambler npm Package Compromised - Malicious Re…
PoC and Technical Details Released for SharePoint Remote Code Execution Vulnerability

PoC and Technical Details Released for SharePoint Remote Code Execution Vulnerability

RedSide Security July 08, 2026 Vulnerability 34 views

Researchers have released a working proof-of-concept exploit for CVE-2025-53770, a critical SharePoint Server remote code execution vulnerability. The flaw abuses XML schema imports and .NET deserialization gadgets to achieve code execution on vulnerable on-premises SharePoint deployments, increasing the risk of large-scale exploitation.

Continue reading: PoC and Technical Details Released for SharePoint …
Critical Fast-MCP-Telegram Vulnerability Allows Authentication Bypass via Path Traversal

Critical Fast-MCP-Telegram Vulnerability Allows Authentication Bypass via Path Traversal

RedSide Security July 07, 2026 Vulnerability 38 views

A critical authentication bypass vulnerability (**CVE-2026-52830**) in Fast-MCP-Telegram allows attackers to exploit path traversal flaws in Bearer token validation and gain unauthorized access to Telegram sessions. Users are strongly advised to upgrade to version 0.19.1 immediately.

Continue reading: Critical Fast-MCP-Telegram Vulnerability Allows Au…
Bad Epoll Linux Kernel Flaw Lets Attackers Gain Root Access on Linux and Android

Bad Epoll Linux Kernel Flaw Lets Attackers Gain Root Access on Linux and Android

RedSide Security July 04, 2026 Vulnerability 61 views

A newly disclosed Linux kernel vulnerability, Bad Epoll (CVE-2026-46242), allows unprivileged users to gain root access on Linux and Android systems through a race condition and use-after-free flaw in the epoll subsystem. With no workaround available, organizations are urged to deploy kernel patches as soon as they become available.

Continue reading: Bad Epoll Linux Kernel Flaw Lets Attackers Gain Ro…
Critical Cursor IDE Flaws Enable Full Sandbox Escape and Remote Code Execution

Critical Cursor IDE Flaws Enable Full Sandbox Escape and Remote Code Execution

RedSide Security July 01, 2026 Vulnerability 42 views

Two critical vulnerabilities in Cursor IDE, tracked as CVE-2026-50548 and CVE-2026-50549, allow attackers to escape the platform's sandbox and achieve full remote code execution through prompt injection. The flaws demonstrate how AI-driven coding agents can expose traditional software attack surfaces, leading to system compromise without user approval.

Continue reading: Critical Cursor IDE Flaws Enable Full Sandbox Esca…
Researchers Find 282 iPhone AI Apps Exposing Paid AI Access Through Leaked API Credentials

Researchers Find 282 iPhone AI Apps Exposing Paid AI Access Through Leaked API Credentials

RedSide Security June 30, 2026 Vulnerability 38 views

Researchers analyzing 444 AI chatbot apps on iPhone found that 282 applications exposed paid AI access through leaked API keys, reusable tokens, or unsecured backend services. The findings highlight growing risks of LLMJacking attacks, where threat actors abuse stolen AI credentials to generate costly unauthorized model usage.

Continue reading: Researchers Find 282 iPhone AI Apps Exposing Paid …
curl Patches 18 Vulnerabilities, Including a 25-Year-Old Security Flaw

curl Patches 18 Vulnerabilities, Including a 25-Year-Old Security Flaw

RedSide Security June 29, 2026 Vulnerability 57 views

curl has released a security update fixing 18 vulnerabilities, including a 25-year-old flaw dating back to 2001. The vulnerabilities affect curl and libcurl components used by billions of devices worldwide, highlighting the ongoing importance of security auditing even in mature open-source projects.

Continue reading: curl Patches 18 Vulnerabilities, Including a 25-Ye…