patching — Cybersecurity News

PCAPGraph: Threat Hunting at the Speed of Triage

PCAPGraph: Threat Hunting at the Speed of Triage

PCAPGraph is an open-source network investigation and threat hunting tool that transforms packet cap...

Open-Source Network Discovery & Topology Mapping

Open-Source Network Discovery & Topology Mapping

RedSide Security has open-sourced NETMAPPER, a network discovery and visualization tool designed to ...

 RDPGraph: Turn Windows Event Logs into an Interactive RDP Attack Graph

RDPGraph: Turn Windows Event Logs into an Interactive RDP Attack Graph

When an incident unfolds and all you have left are Windows event logs, understanding attacker moveme...

Latest Posts

Critical Linux Kernel Flaw Allows Unprivileged Users to Gain Root Access

Critical Linux Kernel Flaw Allows Unprivileged Users to Gain Root Access

RedSide Security June 28, 2026 CVE 55 views

Critical Linux kernel vulnerability CVE-2026-46331 allows unprivileged users to gain root access by exploiting a page-cache corruption flaw in the net/sched act_pedit subsystem. The issue affects Linux kernels 5.18 through 7.1-rc6 and has been successfully demonstrated against RHEL, Debian, and Ubuntu systems.

Continue reading: Critical Linux Kernel Flaw Allows Unprivileged Use…
Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards

Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards

RedSide Security June 10, 2026 Tools & Technology 78 views

Anthropic has released Claude Fable 5 with built-in cybersecurity safeguards and a restricted twin model, Mythos 5, highlighting a new dual-track approach to AI deployment where capability and security controls are separated.

Continue reading: Anthropic Releases Claude Fable 5, Its Most Powerf…
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

RedSide Security June 05, 2026 Cyber Attacks 72 views

A critical flaw in Anthropic's Claude Code GitHub Action allowed attackers to potentially hijack repositories through a single GitHub issue. The vulnerability combined weak bot validation, prompt injection, and excessive workflow permissions, highlighting the growing security risks of AI-powered CI/CD automation.

Continue reading: Claude Code GitHub Action Flaw Let One Malicious I…
Critical Everest Forms Pro Vulnerability Actively Exploited to Compromise WordPress Sites

Critical Everest Forms Pro Vulnerability Actively Exploited to Compromise WordPress Sites

RedSide Security June 05, 2026 Vulnerability 58 views

Threat actors are actively exploiting a critical remote code execution vulnerability in the Everest Forms Pro WordPress plugin. The flaw allows unauthenticated attackers to execute arbitrary PHP code, create administrator accounts, deploy web shells, and fully compromise affected websites.

Continue reading: Critical Everest Forms Pro Vulnerability Actively …
VECT 2.0 Ransomware Can Damage Files Its Own Decryptor Cannot Reliably Restore

VECT 2.0 Ransomware Can Damage Files Its Own Decryptor Cannot Reliably Restore

RedSide Security June 05, 2026 Cybersecurity 65 views

Security researchers have uncovered serious design flaws in the VECT 2.0 ransomware family that can leave victim files permanently damaged, even when a ransom is paid and a decryptor is provided. Analysis reveals multiple implementation errors, race conditions, and encryption logic flaws that can result in incomplete recovery and irreversible data loss.

Continue reading: VECT 2.0 Ransomware Can Damage Files Its Own Decry…
PoC Exploit Released for 20-Year Old PostgreSQL RCE Vulnerability

PoC Exploit Released for 20-Year Old PostgreSQL RCE Vulnerability

RedSide Security May 20, 2026 Vulnerability 89 views

A public proof-of-concept (PoC) exploit has been released for **CVE-2026-2005**, a critical remote code execution vulnerability in PostgreSQL’s **pgcrypto extension**. The flaw stems from a long-standing heap-based buffer overflow in PGP session key parsing and can allow attackers to escalate privileges to PostgreSQL superuser and execute operating system commands under certain conditions.

Continue reading: PoC Exploit Released for 20-Year Old PostgreSQL RC…
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE

NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE

RedSide Security May 17, 2026 CVE 90 views

A critical NGINX vulnerability tracked as CVE-2026-42945 is now being actively exploited in the wild, just days after public disclosure. The flaw allows attackers to crash NGINX worker processes and potentially achieve remote code execution under specific conditions. At the same time, threat actors have also begun weaponizing multiple critical vulnerabilities in openDCIM to deploy PHP web shells and gain remote access to exposed systems.

Continue reading: NGINX CVE-2026-42945 Exploited in the Wild, Causin…
First Public macOS Kernel Exploit on Apple M5 Prepared Using Mythos Preview in Five Days

First Public macOS Kernel Exploit on Apple M5 Prepared Using Mythos Preview in Five Days

RedSide Security May 17, 2026 Vulnerability 200 views

Security researchers have reportedly developed the first public macOS kernel exploit targeting Apple’s new M5 silicon, successfully bypassing the company’s hardware-based Memory Integrity Enforcement (MIE) protections. The exploit chain achieves full root access on macOS 26.4.1 using only standard system calls from an unprivileged local account, highlighting the growing impact of AI-assisted offensive security research.

Continue reading: First Public macOS Kernel Exploit on Apple M5 Prep…
New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks in 5 Minutes

New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks in 5 Minutes

RedSide Security May 13, 2026 Vulnerability 153 views

Researchers have unveiled BitUnlocker, a new downgrade attack capable of bypassing Microsoft BitLocker encryption on patched Windows 11 systems in under five minutes. The attack abuses a flaw in the Windows Recovery Environment (WinRE) and a trusted legacy Secure Boot certificate to boot vulnerable components, allowing attackers with physical access to decrypt protected drives without triggering security alerts.

Continue reading: New BitUnlocker Downgrade Attack on Windows 11 All…