The Exploit Post

Sign in Subscribe

Red Dog Security

How the Attack Works (And Why It’s Sneakier Than You Think)

How the Attack Works (And Why It’s Sneakier Than You Think)

Let’s break it down. In vulnerable versions of MCP Inspector (before v0.14.1), the tool exposed a proxy port on 0.0.0.0:6277. This sounds harmless, but here's the twist: due to a long-standing quirk in most browsers, requests sent to 0.0.0.

Critical Zero-Day Vulnerabilities in Microsoft SharePoint Actively Exploited

Critical Zero-Day Vulnerabilities in Microsoft SharePoint Actively Exploited

Two new critical zero-day vulnerabilities in Microsoft SharePoint—CVE-2025-53770 and CVE-2025-53771—have been actively exploited since late last week, with at least 85 servers compromised worldwide. Background: From ToolShell to Active Exploitation In May 2025, researchers at Viettel Cyber Security chained two SharePoint flaws—CVE-2025-49706 and CVE-2025-49704—to create a

How to Avoid Bankruptcy in Industrial Digitalization

How to Avoid Bankruptcy in Industrial Digitalization

How Integrated Industrial Cybersecurity Solutions Protect OT Networks and Reduce the Cost of Critical Incidents Industrial digital transformation has been a topic of discussion for over a decade—but only now is the real tipping point arriving. According to the VDC Research report Securing OT with Purpose-Built Solutions, just 7.

9.0 on the CVSS, But Only 3 Lines of Code

9.0 on the CVSS, But Only 3 Lines of Code

The Third Critical NVIDIA Container Toolkit Vulnerability in a Year Could Expose All Customer Data on Shared Servers A single compromised container. Three lines of code. Full access to every customer’s data on the server. That’s the nightmare scenario behind CVE-2025-23266, a newly discovered vulnerability in the NVIDIA

Google Sues Operators of BadBox 2.0 Botnet That Infected Over 10 Million Devices

Google Sues Operators of BadBox 2.0 Botnet That Infected Over 10 Million Devices

Google has filed a landmark lawsuit against the anonymous operators of BadBox 2.0, an Android-based botnet responsible for infecting more than 10 million devices worldwide. The tech giant accuses the group of orchestrating a massive ad fraud operation that exploited Google’s advertising platforms and siphoned illicit revenue on

LameHug Malware Uses LLM to Generate Commands on Infected Machines

LameHug Malware Uses LLM to Generate Commands on Infected Machines

A newly discovered malware family, dubbed LameHug, is breaking ground by using large language models (LLMs) to generate and execute commands on compromised Windows systems. First reported by Bleeping Computer, LameHug is written in Python and leverages the Hugging Face API to interface with Qwen 2.5-Coder-32B-Instruct, a powerful open-source

A Primer on LNK Files: The Hidden Dangers of Windows Shortcuts

A Primer on LNK Files: The Hidden Dangers of Windows Shortcuts

Malware operators have long relied on LNK files—commonly known as Windows shortcuts—as a covert and effective method for delivering trojans and executing malicious payloads. In this article, we’ll break down how LNK files work, explore their structure and vulnerabilities, and analyze attacker behavior based on a dataset