The Exploit Post

Sign in Subscribe

Red Dog Security

Phishers Use the Symbol «ん» to Deceive Users

Phishers Use the Symbol «ん» to Deceive Users

Cybercriminals are exploiting the Unicode character «ん» from the Japanese hiragana script to disguise phishing links as legitimate. In certain systems and fonts, this character can resemble a forward slash, tricking users into believing a malicious URL is authentic. Homoglyph Tricks in Action This technique is part of a broader

Mozilla Warns: Ad Blockers Could Become Illegal in Germany

Mozilla Warns: Ad Blockers Could Become Illegal in Germany

Mozilla representatives report that a recent ruling by Germany's Federal Court of Justice (BGH) has reignited an old legal dispute over whether browser-based ad blockers violate copyright law. The organization warns this development could eventually lead to a ban on such tools in the country. The Legal Battle

APT Groups Increasingly Turning to Phishing

APT Groups Increasingly Turning to Phishing

In the second quarter of 2025, specialists at Positive Technologies observed a sharp increase in cybercriminal and hacktivist activity targeting Russian organizations. Phishing emails emerged as the most common initial attack vector, used in both mass campaigns and more sophisticated zero-day operations. Phishing Tactics on the Rise Attackers employed several

Source Code for ERMAC 3.0 Android Banking Trojan Leaked, Hunt Intelligence Reports

Source Code for ERMAC 3.0 Android Banking Trojan Leaked, Hunt Intelligence Reports

Cybersecurity experts at Hunt Intelligence have uncovered a leak of the ERMAC 3.0 source code, an advanced Android banking trojan. The researchers also identified serious flaws in the malware operators’ infrastructure. Background on ERMAC The ERMAC banking trojan was first documented by ThreatFabric in September 2021, noted for its

Anthropic: Claude Will Be Able to Terminate Potentially Harmful Conversations

Anthropic: Claude Will Be Able to Terminate Potentially Harmful Conversations

Anthropic has introduced new capabilities that allow some of its latest AI models to end conversations in what the company describes as “rare, extreme cases of persistently harmful or offensive interactions with users.” Notably, the company stresses that this measure is not designed to protect users, but rather to safeguard

U.S. Imposes Sanctions on Cryptocurrency Exchange Grinex, Successor to Garantex

U.S. Imposes Sanctions on Cryptocurrency Exchange Grinex, Successor to Garantex

U.S. authorities have imposed sanctions on Grinex, the successor to the cryptocurrency exchange Garantex, which was previously blacklisted for facilitating darknet transactions and laundering money for cybercriminals. Links Between Grinex and Garantex Earlier this year, researchers at TRM Labs reported that Grinex was closely tied to Garantex’s prior

HTTP/2 Vulnerability "MadeYouReset" Can Be Used for Large-Scale DDoS Attacks

HTTP/2 Vulnerability "MadeYouReset" Can Be Used for Large-Scale DDoS Attacks

A newly disclosed vulnerability in several HTTP/2 implementations, dubbed MadeYouReset, can be exploited to launch powerful distributed denial-of-service (DDoS) attacks. Scope of the Vulnerability Researchers from Imperva, Deepness Lab, and Tel Aviv University confirmed that the flaw has been assigned the primary identifier CVE-2025-8671. However, the issue is broad