Vulnerability Cybersecurity News

PCAPGraph: Threat Hunting at the Speed of Triage

PCAPGraph: Threat Hunting at the Speed of Triage

PCAPGraph is an open-source network investigation and threat hunting tool that transforms packet cap...

Open-Source Network Discovery & Topology Mapping

Open-Source Network Discovery & Topology Mapping

RedSide Security has open-sourced NETMAPPER, a network discovery and visualization tool designed to ...

 RDPGraph: Turn Windows Event Logs into an Interactive RDP Attack Graph

RDPGraph: Turn Windows Event Logs into an Interactive RDP Attack Graph

When an incident unfolds and all you have left are Windows event logs, understanding attacker moveme...

Latest Posts

DirtyClone Linux Kernel Vulnerability Enables Root Privilege Escalation

DirtyClone Linux Kernel Vulnerability Enables Root Privilege Escalation

RedSide Security June 29, 2026 Vulnerability 56 views

DirtyClone (CVE-2026-43503) is a newly disclosed Linux kernel privilege escalation vulnerability that allows local attackers to gain root access by abusing packet cloning and page-cache corruption. Researchers have released a working exploit, making immediate patching essential for affected Linux systems.

Continue reading: DirtyClone Linux Kernel Vulnerability Enables Root…
Critical Everest Forms Pro Vulnerability Actively Exploited to Compromise WordPress Sites

Critical Everest Forms Pro Vulnerability Actively Exploited to Compromise WordPress Sites

RedSide Security June 05, 2026 Vulnerability 58 views

Threat actors are actively exploiting a critical remote code execution vulnerability in the Everest Forms Pro WordPress plugin. The flaw allows unauthenticated attackers to execute arbitrary PHP code, create administrator accounts, deploy web shells, and fully compromise affected websites.

Continue reading: Critical Everest Forms Pro Vulnerability Actively …
PoC Exploit Released for 20-Year Old PostgreSQL RCE Vulnerability

PoC Exploit Released for 20-Year Old PostgreSQL RCE Vulnerability

RedSide Security May 20, 2026 Vulnerability 89 views

A public proof-of-concept (PoC) exploit has been released for **CVE-2026-2005**, a critical remote code execution vulnerability in PostgreSQL’s **pgcrypto extension**. The flaw stems from a long-standing heap-based buffer overflow in PGP session key parsing and can allow attackers to escalate privileges to PostgreSQL superuser and execute operating system commands under certain conditions.

Continue reading: PoC Exploit Released for 20-Year Old PostgreSQL RC…
First Public macOS Kernel Exploit on Apple M5 Prepared Using Mythos Preview in Five Days

First Public macOS Kernel Exploit on Apple M5 Prepared Using Mythos Preview in Five Days

RedSide Security May 17, 2026 Vulnerability 200 views

Security researchers have reportedly developed the first public macOS kernel exploit targeting Apple’s new M5 silicon, successfully bypassing the company’s hardware-based Memory Integrity Enforcement (MIE) protections. The exploit chain achieves full root access on macOS 26.4.1 using only standard system calls from an unprivileged local account, highlighting the growing impact of AI-assisted offensive security research.

Continue reading: First Public macOS Kernel Exploit on Apple M5 Prep…
New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks in 5 Minutes

New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks in 5 Minutes

RedSide Security May 13, 2026 Vulnerability 153 views

Researchers have unveiled BitUnlocker, a new downgrade attack capable of bypassing Microsoft BitLocker encryption on patched Windows 11 systems in under five minutes. The attack abuses a flaw in the Windows Recovery Environment (WinRE) and a trusted legacy Secure Boot certificate to boot vulnerable components, allowing attackers with physical access to decrypt protected drives without triggering security alerts.

Continue reading: New BitUnlocker Downgrade Attack on Windows 11 All…
Ollama Vulnerabilities Expose Process Memory and Enable Persistent Code Execution on Windows

Ollama Vulnerabilities Expose Process Memory and Enable Persistent Code Execution on Windows

RedSide Security May 10, 2026 Vulnerability 93 views

Researchers have disclosed multiple critical vulnerabilities in Ollama, including the “Bleeding Llama” flaw (CVE-2026-7482), which allows remote attackers to leak sensitive process memory from exposed AI servers. Additional unpatched Windows update vulnerabilities could also enable persistent code execution through malicious updates and Startup folder abuse.

Continue reading: Ollama Vulnerabilities Expose Process Memory and E…