Linux — Cybersecurity News

PCAPGraph: Threat Hunting at the Speed of Triage

PCAPGraph: Threat Hunting at the Speed of Triage

PCAPGraph is an open-source network investigation and threat hunting tool that transforms packet cap...

Open-Source Network Discovery & Topology Mapping

Open-Source Network Discovery & Topology Mapping

RedSide Security has open-sourced NETMAPPER, a network discovery and visualization tool designed to ...

 RDPGraph: Turn Windows Event Logs into an Interactive RDP Attack Graph

RDPGraph: Turn Windows Event Logs into an Interactive RDP Attack Graph

When an incident unfolds and all you have left are Windows event logs, understanding attacker moveme...

Latest Posts

F5 Discloses High-Severity NGINX Vulnerabilities, Including Potential RCE Flaw

F5 Discloses High-Severity NGINX Vulnerabilities, Including Potential RCE Flaw

RedSide Security July 16, 2026 Vulnerability 11 views

F5 has released patches for three vulnerabilities affecting NGINX Plus and NGINX Open Source, including a critical heap buffer overflow (CVE-2026-42533) that may enable remote code execution. Organizations using NGINX web servers, ingress controllers, or gateway products should patch immediately and review affected configurations.

Continue reading: F5 Discloses High-Severity NGINX Vulnerabilities, …
Bad Epoll Linux Kernel Flaw Lets Attackers Gain Root Access on Linux and Android

Bad Epoll Linux Kernel Flaw Lets Attackers Gain Root Access on Linux and Android

RedSide Security July 04, 2026 Vulnerability 61 views

A newly disclosed Linux kernel vulnerability, Bad Epoll (CVE-2026-46242), allows unprivileged users to gain root access on Linux and Android systems through a race condition and use-after-free flaw in the epoll subsystem. With no workaround available, organizations are urged to deploy kernel patches as soon as they become available.

Continue reading: Bad Epoll Linux Kernel Flaw Lets Attackers Gain Ro…
DirtyClone Linux Kernel Vulnerability Enables Root Privilege Escalation

DirtyClone Linux Kernel Vulnerability Enables Root Privilege Escalation

RedSide Security June 29, 2026 Vulnerability 56 views

DirtyClone (CVE-2026-43503) is a newly disclosed Linux kernel privilege escalation vulnerability that allows local attackers to gain root access by abusing packet cloning and page-cache corruption. Researchers have released a working exploit, making immediate patching essential for affected Linux systems.

Continue reading: DirtyClone Linux Kernel Vulnerability Enables Root…
Critical Linux Kernel Flaw Allows Unprivileged Users to Gain Root Access

Critical Linux Kernel Flaw Allows Unprivileged Users to Gain Root Access

RedSide Security June 28, 2026 CVE 55 views

Critical Linux kernel vulnerability CVE-2026-46331 allows unprivileged users to gain root access by exploiting a page-cache corruption flaw in the net/sched act_pedit subsystem. The issue affects Linux kernels 5.18 through 7.1-rc6 and has been successfully demonstrated against RHEL, Debian, and Ubuntu systems.

Continue reading: Critical Linux Kernel Flaw Allows Unprivileged Use…
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

RedSide Security May 10, 2026 CVE 86 views

A newly disclosed Linux kernel vulnerability chain, dubbed **Dirty Frag**, enables unprivileged local users to gain root access across major Linux distributions. The flaw combines two page-cache write issues in the xfrm-ESP and RxRPC subsystems, creating a deterministic and highly reliable privilege escalation method. Limited in-the-wild exploitation has already been observed, with attackers using it in post-SSH compromise scenarios.

Continue reading: Linux Kernel Dirty Frag LPE Exploit Enables Root A…