The Exploit Post

Sign in Subscribe

Red Dog Security

Malware Hidden Inside DNS Records: A Growing Blind Spot in Cybersecurity

Malware Hidden Inside DNS Records: A Growing Blind Spot in Cybersecurity

Researchers from DomainTools have uncovered a sophisticated method hackers are using to conceal malicious payloads within DNS records—bypassing conventional detection and exploiting a long-standing security blind spot. Unlike traditional malware delivery tactics, which often rely on suspicious downloads or malicious email attachments, this technique leverages the trust and relative

Positive Technologies Launches Global Portal with Data on 300,000+ Vulnerabilities

Positive Technologies Launches Global Portal with Data on 300,000+ Vulnerabilities

Positive Technologies has unveiled a comprehensive online portal that aggregates software and hardware vulnerability data from vendors around the world—aimed at helping cybersecurity professionals, ethical hackers, and businesses stay ahead of emerging threats. The platform, which already catalogs over 317,000 vulnerabilities, includes detailed entries on each flaw, information

What Is the Model Context Protocol (MCP) — and Why Should You Care?

What Is the Model Context Protocol (MCP) — and Why Should You Care?

Imagine your AI model had a universal plug — a single way to connect to tools, apps, and external systems, no matter where they’re hosted or what language they’re written in. That’s essentially what the Model Context Protocol (MCP) is: a standardized, open protocol that lets AI agents

Curl Developer Considers Ending Bug Bounty Program Due to AI-Generated Spam

Curl Developer Considers Ending Bug Bounty Program Due to AI-Generated Spam

Daniel Stenberg, founder and lead developer of Curl, is considering shutting down the project’s bug bounty program after being overwhelmed by AI-generated junk reports. The influx of low-quality submissions—often indistinguishable from spam—has become a serious burden on the small team maintaining one of the internet’s most

Chrome Patches Actively Exploited Sandbox Escape Vulnerability

Chrome Patches Actively Exploited Sandbox Escape Vulnerability

Google has released patches for six security vulnerabilities in its Chrome browser, including a critical sandbox escape flaw that has already been exploited in the wild. The vulnerability, tracked as CVE-2025-6558 and assigned a CVSS score of 8.8, was discovered by Clément Lecigne and Vlad Stolyarov of Google’s

Konfety Malware APKs Distorted to Evade Detection

Konfety Malware APKs Distorted to Evade Detection

Security researchers have discovered a new variant of the Android malware Konfety that uses a corrupted ZIP structure and advanced obfuscation techniques to bypass static analysis and evade detection by security tools. Masquerading as Legitimate Apps Konfety disguises itself as legitimate Android applications, closely mimicking the look and feel of

Law Enforcement Shuts Down Diskstation Ransomware Group Targeting NAS Devices

Law Enforcement Shuts Down Diskstation Ransomware Group Targeting NAS Devices

Law enforcement agencies have dismantled the Diskstation ransomware group, a Romanian cybercriminal gang responsible for crippling the operations of multiple companies in Italy by encrypting their systems and demanding ransom payments. The international operation—codenamed "Operation Elicius"—was led by Europol, with support from police forces in France