The Exploit Post

Sign in Subscribe

Latest

Hackers Patch Apache ActiveMQ Vulnerability After Exploiting It

Hackers Patch Apache ActiveMQ Vulnerability After Exploiting It

Researchers at Red Canary have identified a new Linux malware strain dubbed DripDropper, which is being used in an unusual campaign. In these attacks, hackers exploit a critical vulnerability in Apache ActiveMQ—then patch the very flaw they leveraged. Exploiting and Closing the Door The attackers are exploiting an old

A 5-inch Touch Display Released for Raspberry Pi

A 5-inch Touch Display Released for Raspberry Pi

The Raspberry Pi Foundation has introduced a new touch component designed for single-board computer enthusiasts building compact touchscreen devices. The 5-inch Raspberry Pi Touch Display 2 features a 720×1280 resolution, an IPS multi-touch panel, and native support for Raspberry Pi OS. The display is priced at $40 USD and

August Updates Broke Windows Reset and Recovery Functions

August Updates Broke Windows Reset and Recovery Functions

Microsoft has acknowledged that the August security updates for Windows are disrupting the reset and recovery functions on Windows 10 and older versions of Windows 11. “After installing the August security update for Windows on any of the client versions mentioned below in the ‘Affected Platforms’ section, attempts to reset

A Vulnerability in Tunnelblick Could Be Exploited Even After Its Removal

A Vulnerability in Tunnelblick Could Be Exploited Even After Its Removal

Yegor Filatov, a specialist at Positive Technologies, has discovered and helped remediate a serious vulnerability in Tunnelblick, a graphical interface for working with OpenVPN. The flaw allowed privilege escalation on macOS systems and the potential for data theft. What made the issue especially dangerous was that it could still be

U.S. Authorities Seize $2.8 Million in Cryptocurrency from Zeppelin Ransomware Operator

U.S. Authorities Seize $2.8 Million in Cryptocurrency from Zeppelin Ransomware Operator

The U.S. Department of Justice (DOJ) has seized more than $2.8 million in cryptocurrency from Yannis Aleksandrovich Antropenko, the alleged operator of the Zeppelin ransomware. Antropenko faces charges in Texas for computer fraud and money laundering. He is accused of operating Zeppelin, a now-defunct ransomware strain active between

A New Wave of Cyberattacks by the PhantomCore Hacker Group Detected

A New Wave of Cyberattacks by the PhantomCore Hacker Group Detected

Between May and July 2025, specialists at Positive Technologies uncovered more than 180 compromised systems within Russian organizations. The malicious activity was traced back to the hacker group PhantomCore, which appears to have focused exclusively on targeting Russia’s critical infrastructure. Who Was Targeted The victims spanned a wide range

TETRA:BURST and 2TETRA:2BURST — Why Critical Radio Systems Remain Vulnerable

TETRA:BURST and 2TETRA:2BURST — Why Critical Radio Systems Remain Vulnerable

In 2023, researchers dropped a bombshell on the world of secure communications. They revealed TETRA:BURST, a set of vulnerabilities in the Terrestrial Trunked Radio (TETRA) standard — the digital radio system used by law enforcement, the military, and operators of critical infrastructure in more than 100 countries. The flaws meant