The Exploit Post

Sign in Subscribe

Red Dog Security

Sneaky2FA Phishing Kit Adopts Browser-in-the-Browser Attacks

Sneaky2FA Phishing Kit Adopts Browser-in-the-Browser Attacks

Security researchers from Push Security report that the Sneaky2FA phishing platform has added browser-in-the-browser attack capabilities. This technique creates fake login windows that steal both credentials and active sessions from victims. Sneaky2FA ranks among the most widely used PhaaS (phishing-as-a-service) platforms in cybercriminal circles. Along with Tycoon2FA and Mamba2FA, this

Microsoft to Integrate Sysmon into Windows 11 and Server 2025

Microsoft to Integrate Sysmon into Windows 11 and Server 2025

Microsoft has announced that it will integrate the popular tool Sysmon directly into Windows 11 and Windows Server 2025 in 2026. The announcement was made by Mark Russinovich, creator of Sysinternals. Sysmon Overview Sysmon (System Monitor) is a free Microsoft Sysinternals tool for monitoring and blocking suspicious activity on Windows.

ShadowRay 2.0 Attack Uses Ray Clusters for Cryptocurrency Mining

ShadowRay 2.0 Attack Uses Ray Clusters for Cryptocurrency Mining

Analysts from Oligo Security have uncovered a large-scale campaign dubbed ShadowRay 2.0. Attackers are exploiting a two-year-old RCE vulnerability in the open-source Ray framework, using it to turn AI clusters into a self-propagating botnet. Ray Framework Background Ray, created by Anyscale, is commonly used for developing and deploying large-scale

D-Link Warns of RCE Vulnerabilities in Older DIR-878 Routers

D-Link Warns of RCE Vulnerabilities in Older DIR-878 Routers

D-Link Warns of RCE Vulnerabilities in Older DIR-878 Routers D-Link has issued a warning about three separate remote code execution (RCE) vulnerabilities in the DIR-878 router. The issues affect all models and hardware revisions of these routers. However, the devices have been unsupported since 2021, so patches will not be

New Android Trojan Sturnus Steals Messages from Signal, WhatsApp, and Telegram

New Android Trojan Sturnus Steals Messages from Signal, WhatsApp, and Telegram

Specialists at ThreatFabric have discovered a new banking Trojan named Sturnus. The malware can intercept messages from end-to-end encrypted messengers (Signal, WhatsApp, Telegram) and gain full control over devices via VNC. Technical Architecture Researchers explain that Sturnus uses an advanced communication scheme with its command-and-control (C&C) servers: a

W3 Total Cache Vulnerability: Update Mandatory

W3 Total Cache Vulnerability: Update Mandatory

Vulnerability in WordPress Plugin W3 Total Cache Allows PHP Command Injection A critical vulnerability, CVE-2025-9501, has been discovered in the popular WordPress plugin W3 Total Cache. This flaw allows arbitrary PHP commands to be executed on the server without authentication. To carry out an attack, an attacker need only post

Austrian Researchers Collected Personal Data of 3.5 Billion WhatsApp Users

Austrian Researchers Collected Personal Data of 3.5 Billion WhatsApp Users

Researchers from the University of Vienna announced that they discovered a vulnerability in WhatsApp that allowed them to collect data on more than 3.5 billion users. In their assessment, this could represent the largest data leak in history. Exploitation Methodology The report's authors note that WhatsApp allows