The Exploit Post

Sign in Subscribe

Latest

Positive Technologies Helped Fix a Vulnerability in Windows

Positive Technologies Helped Fix a Vulnerability in Windows

A critical Windows vulnerability affecting dozens of Microsoft products has been patched with help from Positive Technologies’ research team. The flaw—tracked as CVE-2025-47955 and rated 7.8 on the CVSS scale—was discovered by Sergey Bliznyuk, a specialist with the PT SWARM vulnerability research unit. Vulnerability Overview CVE-2025-47955 impacted

AI-Written Ransomware: Jetflicks Piracy Operator Sentenced to 7 Years in Prison

AI-Written Ransomware: Jetflicks Piracy Operator Sentenced to 7 Years in Prison

Kristopher Dallmann, the founder of the pirate streaming platform Jetflicks, has been sentenced to seven years in federal prison. Despite maintaining his innocence, Dallmann faced charges ranging from conspiracy and copyright infringement to money laundering. Jetflicks: A 12-Year Piracy Operation Jetflicks operated from 2007 until its shutdown by the FBI

AI-Written Ransomware: FunkSec’s Code

AI-Written Ransomware: FunkSec’s Code

Researchers at Kaspersky Lab have uncovered a new threat actor—FunkSec—believed to be among the first to deploy large-scale, AI-assisted ransomware operations. Active since late 2024, FunkSec is notable for its aggressive tactics, high automation, and use of generative AI to develop its malware. Distinct Characteristics FunkSec’s operations

Amazon Denies Possible Data Breach of Ring Camera Users

Amazon Denies Possible Data Breach of Ring Camera Users

Ring users are raising alarms after receiving unauthorized login alerts, all dated May 28, 2025. Despite growing concerns, Amazon-owned Ring insists the issue stems from a backend bug—not a breach. Over the past week, numerous users reported receiving notifications that their accounts had been accessed from unfamiliar devices across

Linux Malware "Koske" Hides in Pictures of Cute Pandas

Linux Malware "Koske" Hides in Pictures of Cute Pandas

Analysts from AquaSec have identified a novel strain of Linux malware named Koske, which conceals its payload inside JPEG images of pandas. Believed to be developed using artificial intelligence (AI), Koske is designed to infiltrate Linux systems by embedding malicious code directly into memory via deceptive image files. Adaptive Behavior

Steam Serves Gamers Viruses with a Side of "Early Access"

Steam Serves Gamers Viruses with a Side of "Early Access"

This marks the third malware-laced game to appear on Steam in just six months. A hacker group operating under the alias EncryptHub, also known as Larva-208, has embedded malicious software into a Steam-distributed game—turning a survival crafting title into a silent delivery mechanism for spyware. The Target: Chemia by

Banking Trojan “Coyote” Steals Data by Mimicking UI Interactions

Banking Trojan “Coyote” Steals Data by Mimicking UI Interactions

A new variant of the Coyote banking Trojan is actively exploiting Windows accessibility features—specifically, the Microsoft UI Automation (UIA) framework—to detect when users visit banking or cryptocurrency exchange websites and steal their login credentials. How Microsoft UI Automation Is Being Abused Microsoft UIA is an accessibility framework designed