The Exploit Post

Sign in Subscribe

Red Dog Security

PoC Exploits Released for Critical Citrix Bleed 2 Vulnerability (CVE-2025-5777)

PoC Exploits Released for Critical Citrix Bleed 2 Vulnerability (CVE-2025-5777)

Proof-of-concept (PoC) exploits for a critical vulnerability in Citrix NetScaler ADC and NetScaler Gateway—dubbed Citrix Bleed 2—have been publicly released. Security researchers warn the flaw, tracked as CVE-2025-5777, is easily exploitable and can be used to steal user session tokens. The vulnerability has drawn comparisons to Citrix Bleed

Malicious Extensions in Chrome Web Store: 1.7 Million Users Affected

Malicious Extensions in Chrome Web Store: 1.7 Million Users Affected

Security researchers have uncovered a widespread browser extension campaign that silently harvested user data and redirected traffic—affecting over 2.3 million users across Chrome and Edge. Discovery by Koi Security Researchers from Koi Security have identified 11 malicious extensions in the official Chrome Web Store that were collectively downloaded

Qantas Cyberattack: Data of 6 Million Passengers Stolen in Ransomware Attack

Qantas Cyberattack: Data of 6 Million Passengers Stolen in Ransomware Attack

Australian airline Qantas has confirmed a major cybersecurity breach that exposed the personal data of more than six million customers. The attack—linked to a notorious cybercriminal group—marks one of the largest data compromises in the country’s aviation history. Key Details of the Breach The breach was first

Open-Source Tool Anubis Fights Back Against AI Scrapers

Open-Source Tool Anubis Fights Back Against AI Scrapers

With over 200,000 downloads and adoption by global institutions, Xe Iaso’s Anubis is quietly waging war on AI-powered web scrapers—without breaking the internet for everyone else. The Birth of Anubis In January 2025, developer Xe Iaso released Anubis, an open-source tool built to thwart AI scrapers. Since

Leaked Red Team Tool ‘Shellter Elite’ Used to Deliver Info-Stealers

Leaked Red Team Tool ‘Shellter Elite’ Used to Deliver Info-Stealers

A commercial red teaming tool is now in the hands of threat actors, raising concerns about tool leakage, responsible disclosure, and trust in the offensive security ecosystem. Hackers Exploit Shellter Elite Following Leak Shellter Project, the developer of Shellter Elite—a commercial payload loader built for evading antivirus and EDR

What Is DevSecOps? Making Security a Daily Habit, Not a Roadblock

What Is DevSecOps? Making Security a Daily Habit, Not a Roadblock

In the fast-moving world of software development, speed has long been the name of the game. But as anyone who's deployed code in the wild knows, speed without security is like driving a race car without brakes. That’s where DevSecOps comes in. DevSecOps—short for Development, Security,

352 Android Apps Infected with IconAds Adware

352 Android Apps Infected with IconAds Adware

Security researchers at Human Security have uncovered a massive ad fraud operation dubbed IconAds, involving 352 malicious Android apps previously available on the Google Play Store. At its peak, the campaign generated over 1.2 billion ad requests per day, primarily targeting users in Brazil, Mexico, and the United States.