d45id

Three page-cache privilege escalation vulnerabilities in three weeks. Copy Fail, Dirty Frag, Fragnesia. The pattern is clear. CIQ's response to Fragnesia was different. Instead of patching what researchers found and moving on, Sultan Alsawaf audited the kernel's networking stack for additional vulnerable code paths and found one. He built a proof-of-concept, confirmed it worked, and posted both the exploit and the fix to the Linux kernel mailing list the same day. The upstream maintainer folded it into the V3 patch within hours. Nathan Blackham covers the full story: what Fragnesia is, how CIQ found a path the original researchers missed, and what proactive kernel security actually looks like in practice. Read it here: https://t.co/OGb4YjiEhZ #LinuxSecurity #EnterpriseLinux #RockyLinux #CVE #CIQ #LinuxKernel

MongoBleed (CVE-2025-14847) is basically Heartbleed for MongoDB - unauthenticated memory disclosure - public POC, trivial to exploit - leaks creds, tokens, cloud keys straight from RAM - huge exposed surface on the internet Good writeups and technical details here: https://t.co/LgK4RABmJu https://t.co/DWtByJQ3au https://t.co/LUwfnF6uXG Patch fast, rotate secrets, and assume exposed instances were scanned(!)

🚩 Google Project Zero Details ASLR Bypass on Apple Devices https://t.co/nDmvcpj806 A researcher from Project Zero has unveiled a clever serialization attack that leaks memory addresses on macOS and iOS, undermining Apple’s ASLR. The exploit leverages how NSDictionary serialization and re-serialization handles the NSNull singleton and uses hash table bucket placement to infer address bits. No memory corruption or timing side channels are needed. Apple patched this issue via updates released on March 31, 2025. #AppleSecurity #ASLR #iOS #macOS #ProjectZero #CyberSecurity