The Exploit Post

Sign in Subscribe

Latest

HPE Aruba Instant On Access Points Contained Hardcoded Credentials

HPE Aruba Instant On Access Points Contained Hardcoded Credentials

Hewlett Packard Enterprise (HPE) has issued a critical security advisory after discovering hardcoded credentials in its Aruba Instant On access points. The flaw allows remote attackers to bypass standard authentication and gain full administrative access to the device’s web interface. Aruba Instant On access points are compact wireless networking

Critical Vulnerability in CrushFTP Allows Administrative Access

Critical Vulnerability in CrushFTP Allows Administrative Access

CrushFTP developers have issued an urgent warning about an actively exploited zero-day vulnerability—CVE-2025-54309—that allows remote attackers to gain administrative access via the web interface on unpatched servers. Discovery and Exploitation Timeline The first signs of exploitation were detected on July 18, 2025, although attackers likely began leveraging the

Chaos RAT Trojan Found in Arch User Repository

Chaos RAT Trojan Found in Arch User Repository

Arch Linux developers have identified three malicious packages in the Arch User Repository (AUR) that were used to install the Chaos Remote Access Trojan (RAT) on Linux systems. Malicious Packages Discovered The packages—librewolf-fix-bin, firefox-patch-bin, and zen-browser-patched-bin—were uploaded by a user named danikpapas on July 16, 2025. They were

How the Attack Works (And Why It’s Sneakier Than You Think)

How the Attack Works (And Why It’s Sneakier Than You Think)

Let’s break it down. In vulnerable versions of MCP Inspector (before v0.14.1), the tool exposed a proxy port on 0.0.0.0:6277. This sounds harmless, but here's the twist: due to a long-standing quirk in most browsers, requests sent to 0.0.0.

Critical Zero-Day Vulnerabilities in Microsoft SharePoint Actively Exploited

Critical Zero-Day Vulnerabilities in Microsoft SharePoint Actively Exploited

Two new critical zero-day vulnerabilities in Microsoft SharePoint—CVE-2025-53770 and CVE-2025-53771—have been actively exploited since late last week, with at least 85 servers compromised worldwide. Background: From ToolShell to Active Exploitation In May 2025, researchers at Viettel Cyber Security chained two SharePoint flaws—CVE-2025-49706 and CVE-2025-49704—to create a

How to Avoid Bankruptcy in Industrial Digitalization

How to Avoid Bankruptcy in Industrial Digitalization

How Integrated Industrial Cybersecurity Solutions Protect OT Networks and Reduce the Cost of Critical Incidents Industrial digital transformation has been a topic of discussion for over a decade—but only now is the real tipping point arriving. According to the VDC Research report Securing OT with Purpose-Built Solutions, just 7.

9.0 on the CVSS, But Only 3 Lines of Code

9.0 on the CVSS, But Only 3 Lines of Code

The Third Critical NVIDIA Container Toolkit Vulnerability in a Year Could Expose All Customer Data on Shared Servers A single compromised container. Three lines of code. Full access to every customer’s data on the server. That’s the nightmare scenario behind CVE-2025-23266, a newly discovered vulnerability in the NVIDIA