The Exploit Post

Sign in Subscribe

Latest

Malicious npm Package Distributes AdaptixC2 Framework on Developer Systems

Malicious npm Package Distributes AdaptixC2 Framework on Developer Systems

Kaspersky Lab researchers have uncovered a malicious package on the npm registry named https-proxy-utils, disguised as a legitimate proxy management tool. The package secretly installed the AdaptixC2 framework — an open-source post-exploitation toolkit similar to Cobalt Strike — onto compromised developer devices. The malicious package has since been removed from npm. AdaptixC2:

Europol Dismantles Global SIM Farm Network Behind 49 Million Fake Accounts

Europol Dismantles Global SIM Farm Network Behind 49 Million Fake Accounts

European law enforcement has shut down one of the world’s largest SIM farm operations, responsible for fueling a massive global market in fake online accounts. The takedown—codenamed Operation SIMCARTEL—dismantled a criminal network managing over 1,200 SIM boxes loaded with 40,000 active SIM cards used in

China Accuses U.S. NSA of Cyberattack on National Time Service Systems

China Accuses U.S. NSA of Cyberattack on National Time Service Systems

China’s Ministry of State Security (MSS) has accused the U.S. National Security Agency (NSA) of conducting cyberattacks against the country’s National Time Service Center (NTSC), a critical institution responsible for maintaining Beijing Time and coordinating national synchronization systems. In a statement posted to its official WeChat account,

Fresh Bug Used to Deploy Rootkits on Cisco Devices

Fresh Bug Used to Deploy Rootkits on Cisco Devices

Trend Micro researchers have discovered a new malicious campaign targeting unpatched Cisco devices, using a recently fixed zero-day vulnerability to deploy rootkits that hide deep within network firmware. The flaw, CVE-2025-20352 (CVSS 7.7), affects all supported versions of Cisco IOS and IOS XE, the operating systems powering much of

North Korean Hackers Employ EtherHiding Tactic to Conceal Malware in the Blockchain

North Korean Hackers Employ EtherHiding Tactic to Conceal Malware in the Blockchain

Google’s Threat Intelligence Group (GTIG) has uncovered a new North Korean cyber campaign that hides malware within blockchain smart contracts — a sophisticated evasion method known as EtherHiding. According to GTIG, the group UNC5342 has used this technique since February 2025 in “Contagious Interview” operations aimed at stealing cryptocurrency from

Astaroth Banker Uses GitHub to Evade Blocking

Astaroth Banker Uses GitHub to Evade Blocking

McAfee Labs has uncovered a new campaign distributing the Astaroth banking trojan, which now leverages GitHub as part of its command infrastructure to evade takedowns and remain operational even when its servers are blocked. “Instead of relying solely on traditional command-and-control (C2) servers, which can be shut down, the attackers

Discord Contractor Denies Role in Data Leak

Discord Contractor Denies Role in Data Leak

5CA, a contractor providing customer support services to Discord, has denied responsibility for the recent data breach that exposed user identification documents and partial payment information. Earlier this month, Discord confirmed a cyber incident linked to the compromise of a third-party vendor’s systems on September 20, 2025. The company