The Exploit Post

Sign in Subscribe

Red Dog Security

Ransomware Groups Extracted $2.1 Billion from Victims Between 2022-2024

Ransomware Groups Extracted $2.1 Billion from Victims Between 2022-2024

Ransomware attackers collected over $2.1 billion in ransom payments during a three-year period that saw both explosive growth and a sudden decline in attack profitability, according to financial data analyzed by the U.S. Treasury Department's Financial Crimes Enforcement Network (FinCEN). The agency processed thousands of Bank

Malicious VSCode Extensions Deployed Info-Stealers Against Developers

Malicious VSCode Extensions Deployed Info-Stealers Against Developers

Two malicious extensions in Microsoft's Visual Studio Code marketplace successfully delivered info-stealing malware to developers' machines, highlighting vulnerabilities in software supply chain security that affect the tools developers use daily. Researchers at Koi Security identified the threats: Bitcoin Black and Codo AI. The first masqueraded as a

Google Builds Security Guardrails for AI Agents in Chrome

Google Builds Security Guardrails for AI Agents in Chrome

Google is preparing Chrome for a future where AI operates autonomously in your browser—and the company knows that future comes with serious security risks. The tech giant announced multi-layered protection for browser-based AI agents, systems that can independently open websites, read content, click buttons, fill forms, and execute complex

Ransomware Group Claims Massive Data Theft from Asus Supplier

Ransomware Group Claims Massive Data Theft from Asus Supplier

Asus confirmed that one of its suppliers suffered a ransomware attack, though the company maintains its own systems remain secure. The Everest ransomware group, however, tells a different story—claiming to have stolen one terabyte of data from three companies: Asus, Qualcomm, and ArcSoft. What Asus Says The company'

Half of Passwords Compromised in 2025 Were Already Leaked, Kaspersky Lab Reports

Half of Passwords Compromised in 2025 Were Already Leaked, Kaspersky Lab Reports

Analysis reveals users stick with weak passwords for 3.5-4 years despite repeated breaches. More than half of passwords compromised in 2025 had already appeared in previous data breaches, according to a large-scale analysis by Kaspersky Lab. The finding demonstrates that users continue relying on weak passwords and fail to

North Korean Hacker's Device Infected by Lumma Stealer, Exposes $1.4 Billion Bybit Heist Infrastructure

North Korean Hacker's Device Infected by Lumma Stealer, Exposes $1.4 Billion Bybit Heist Infrastructure

Malware logs reveal tools, credentials, and operational security failures tied to major cryptocurrency theft. A North Korean hacker linked to the $1.4 billion Bybit cryptocurrency heist became the victim of their own compromise. Researchers from Hudson Rock discovered that Lumma stealer malware had infected a device used in infrastructure

Chinese Hackers Exploit Critical React2Shell Bug Within Hours of Disclosure

Chinese Hackers Exploit Critical React2Shell Bug Within Hours of Disclosure

Over 30 organizations confirmed compromised. More than 77,000 servers remain vulnerable. Hours after security researchers disclosed the React2Shell vulnerability, malicious actors began exploiting the flaw in active attacks. Cybersecurity firms have confirmed breaches at more than 30 organizations across multiple sectors, while researchers estimate over 77,000 servers remain