The Exploit Post

Sign in Subscribe

Red Dog Security

GhostAction Attack Led to the Exposure of 3,325 Secrets

GhostAction Attack Led to the Exposure of 3,325 Secrets

Another significant supply chain attack, dubbed GhostAction, has been uncovered. This campaign targeted GitHub repositories and resulted in the theft of 3,325 secrets—including PyPI, npm, DockerHub, and GitHub tokens, as well as Cloudflare and AWS API keys. How the Attack Was Discovered The breach was first identified by

Company Specializing in DDoS Protection Hit by an Attack Reaching 1.5 Billion Packets Per Second

Company Specializing in DDoS Protection Hit by an Attack Reaching 1.5 Billion Packets Per Second

A European company specializing in DDoS protection has itself become the target of an unprecedented attack, which peaked at 1.5 billion packets per second (PPS). According to FastNetMon, which assisted in mitigating the incident, the attack originated from thousands of compromised IoT devices and MikroTik routers. One of the

US Leads Global Market in Spyware Investments

US Leads Global Market in Spyware Investments

The spyware industry is in the midst of a boom, with investors increasingly drawn to this ethically fraught yet highly profitable sector, according to new research by the Atlantic Council. The majority of funding is flowing to companies in the United States and Israel, with American investment in spyware tripling

Over 600 Domains Distributing the Android Trojan DeliveryRAT Blocked

Over 600 Domains Distributing the Android Trojan DeliveryRAT Blocked

Specialists from F6 and RuStore report that they have discovered and blocked 604 domains tied to infrastructure used by hackers to spread the DeliveryRAT Trojan. The malware was disguised as popular food delivery apps, online marketplaces, banking services, and package tracking applications. Origins of DeliveryRAT In the summer of 2024,

Deepfake Detection Tools to Be Added to Pixel Camera and Google Photos

Deepfake Detection Tools to Be Added to Pixel Camera and Google Photos

Deepfake Detection Tools to Be Added to Pixel Camera and Google Photos Google has announced plans to integrate C2PA Content Credentials technology into the Pixel 10 camera app and Google Photos. The feature is designed to help users distinguish authentic images from those created or altered with artificial intelligence. Tackling

In September, Microsoft Patched 81 Vulnerabilities in Its Products

In September, Microsoft Patched 81 Vulnerabilities in Its Products

This week, Microsoft rolled out its September security updates, addressing 81 vulnerabilities across its products. Among them were two zero-day flaws—issues disclosed publicly before patches were available. Breakdown of Critical Fixes Of the 81 vulnerabilities, nine were rated critical: * Five related to remote code execution (RCE) * One tied to

Pirate Revenues Decline as Film Descriptions Appear in Morse Code

Pirate Revenues Decline as Film Descriptions Appear in Morse Code

Distributors of illegal video content are earning less. According to experts at F6, revenues in the first half of 2025 fell 14.5% year over year to $16.6 million, and 26.5% compared with the same period in 2023. At the same time, efforts to block pirate sites drove