Cybersecurity — Cybersecurity News

PCAPGraph: Threat Hunting at the Speed of Triage

PCAPGraph: Threat Hunting at the Speed of Triage

PCAPGraph is an open-source network investigation and threat hunting tool that transforms packet cap...

Open-Source Network Discovery & Topology Mapping

Open-Source Network Discovery & Topology Mapping

RedSide Security has open-sourced NETMAPPER, a network discovery and visualization tool designed to ...

 RDPGraph: Turn Windows Event Logs into an Interactive RDP Attack Graph

RDPGraph: Turn Windows Event Logs into an Interactive RDP Attack Graph

When an incident unfolds and all you have left are Windows event logs, understanding attacker moveme...

Latest Posts

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

RedSide Security June 05, 2026 Cyber Attacks 73 views

A critical flaw in Anthropic's Claude Code GitHub Action allowed attackers to potentially hijack repositories through a single GitHub issue. The vulnerability combined weak bot validation, prompt injection, and excessive workflow permissions, highlighting the growing security risks of AI-powered CI/CD automation.

Continue reading: Claude Code GitHub Action Flaw Let One Malicious I…
New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks in 5 Minutes

New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks in 5 Minutes

RedSide Security May 13, 2026 Vulnerability 154 views

Researchers have unveiled BitUnlocker, a new downgrade attack capable of bypassing Microsoft BitLocker encryption on patched Windows 11 systems in under five minutes. The attack abuses a flaw in the Windows Recovery Environment (WinRE) and a trusted legacy Secure Boot certificate to boot vulnerable components, allowing attackers with physical access to decrypt protected drives without triggering security alerts.

Continue reading: New BitUnlocker Downgrade Attack on Windows 11 All…
Ollama Vulnerabilities Expose Process Memory and Enable Persistent Code Execution on Windows

Ollama Vulnerabilities Expose Process Memory and Enable Persistent Code Execution on Windows

RedSide Security May 10, 2026 Vulnerability 94 views

Researchers have disclosed multiple critical vulnerabilities in Ollama, including the “Bleeding Llama” flaw (CVE-2026-7482), which allows remote attackers to leak sensitive process memory from exposed AI servers. Additional unpatched Windows update vulnerabilities could also enable persistent code execution through malicious updates and Startup folder abuse.

Continue reading: Ollama Vulnerabilities Expose Process Memory and E…