The Exploit Post

Sign in Subscribe

Latest

RondoDox Botnet Exploits XWiki Vulnerability to Compromise Servers

RondoDox Botnet Exploits XWiki Vulnerability to Compromise Servers

Security researchers are warning about a new attack wave from the RondoDox botnet exploiting a critical remote code execution vulnerability in XWiki Platform (CVE-2025-24893). CISA has already added the flaw to its catalog of actively exploited vulnerabilities, with exploitation attempts increasing since early November. RondoDox first appeared on researchers'

Malicious npm Packages Abuse Adspect Redirects

Malicious npm Packages Abuse Adspect Redirects

Researchers at Socket have discovered seven malicious packages in npm that exploit the Adspect cloud service to mask their activity while redirecting victims to cryptocurrency scam websites. Adspect markets itself as a tool for protecting websites from bots. However, this campaign demonstrates the service can serve the opposite purpose—concealing

Dutch Police Confiscate 250 Servers from "Bulletproof" Hosting Provider

Dutch Police Confiscate 250 Servers from "Bulletproof" Hosting Provider

Dutch police have executed a large-scale operation against an unnamed "bulletproof" hosting provider, seizing approximately 250 physical servers from data centers in The Hague and Zoetermeer. The seizure caused thousands of virtual servers to go offline simultaneously. Media sources indicate the operation likely targeted the hosting service CrazyRDP.

Azure Withstands 15.72 Tbps DDoS Attack From Half-Million Compromised Devices

Azure Withstands 15.72 Tbps DDoS Attack From Half-Million Compromised Devices

Microsoft's Azure cloud platform absorbed a massive distributed denial-of-service attack from the Aisuru botnet, peaking at 15.72 terabits per second with traffic originating simultaneously from 500,000 IP addresses. The Attack The assault targeted a specific Azure public IP address in Australia using UDP flooding techniques. Attack

(Untitled)

(Untitled)

Keenetic router users discovered their devices automatically installed new firmware—even with auto-update disabled—after the manufacturer detected active exploitation of a critical authentication vulnerability. The Vulnerability In early November, Keenetic published security bulletin KEN-PSA-2025-WP01 describing a CWE-521 vulnerability (Weak Password Requirements) with a CVSS score of 8.8. The

Google Retreats on Android App Verification After Developer Backlash

Google Retreats on Android App Verification After Developer Backlash

Google reversed course on mandatory developer verification for sideloaded Android apps, announcing simplified accounts for small developers and an "advanced mode" for experienced users following community outcry over the restrictive policy. The Original Plan In August 2025, Google announced a Developer Verification system scheduled for 2026 rollout. The

Fortinet Discloses Critical FortiWeb Zero-Day After Weeks of Active Exploitation

Fortinet Discloses Critical FortiWeb Zero-Day After Weeks of Active Exploitation

Fortinet acknowledged a critical authentication bypass vulnerability in FortiWeb firewalls only after security researchers published proof-of-concept exploits—nearly six weeks after attacks began and three weeks after the company quietly patched the flaw. Timeline of Disclosure Failure The vulnerability's exploitation timeline reveals a problematic gap between patch availability