The Exploit Post

Sign in Subscribe

News

News

Grafana Patches Critical Vulnerability Allowing Administrator Impersonation

Grafana Patches Critical Vulnerability Allowing Administrator Impersonation

Grafana Labs developers have issued a warning about a critical vulnerability, CVE-2025-41115 (rated 10 out of 10 on the CVSS scale), in Grafana Enterprise. The flaw allows attackers to impersonate an administrator or another internal account through the creation of a new user. Exploitation Requirements The vulnerability can only be

Google Uncovers BadAudio Malware in APT24 Espionage Campaigns

Google Uncovers BadAudio Malware in APT24 Espionage Campaigns

Researchers from the Google Threat Intelligence Group (GTIG) have revealed details of a three-year espionage campaign conducted by the Chinese threat group APT24. The hackers deployed previously undocumented malware called BadAudio in their operations. APT24 (also tracked as Pitty Tiger) targets government institutions and organizations across multiple sectors—including healthcare,

CrowdStrike Catches Insider Leaking Data to Hackers

CrowdStrike Catches Insider Leaking Data to Hackers

CrowdStrike confirmed last month that its security team identified and terminated an employee who transmitted screenshots of the company's internal systems to hackers. The screenshots appeared in the Telegram channel operated by Scattered Lapsus$ Hunters, a collective comprised of members from Scattered Spider, LAPSUS$, and ShinyHunters. The leaked

Sneaky2FA Phishing Kit Adopts Browser-in-the-Browser Attacks

Sneaky2FA Phishing Kit Adopts Browser-in-the-Browser Attacks

Security researchers from Push Security report that the Sneaky2FA phishing platform has added browser-in-the-browser attack capabilities. This technique creates fake login windows that steal both credentials and active sessions from victims. Sneaky2FA ranks among the most widely used PhaaS (phishing-as-a-service) platforms in cybercriminal circles. Along with Tycoon2FA and Mamba2FA, this

Microsoft to Integrate Sysmon into Windows 11 and Server 2025

Microsoft to Integrate Sysmon into Windows 11 and Server 2025

Microsoft has announced that it will integrate the popular tool Sysmon directly into Windows 11 and Windows Server 2025 in 2026. The announcement was made by Mark Russinovich, creator of Sysinternals. Sysmon Overview Sysmon (System Monitor) is a free Microsoft Sysinternals tool for monitoring and blocking suspicious activity on Windows.

ShadowRay 2.0 Attack Uses Ray Clusters for Cryptocurrency Mining

ShadowRay 2.0 Attack Uses Ray Clusters for Cryptocurrency Mining

Analysts from Oligo Security have uncovered a large-scale campaign dubbed ShadowRay 2.0. Attackers are exploiting a two-year-old RCE vulnerability in the open-source Ray framework, using it to turn AI clusters into a self-propagating botnet. Ray Framework Background Ray, created by Anyscale, is commonly used for developing and deploying large-scale

D-Link Warns of RCE Vulnerabilities in Older DIR-878 Routers

D-Link Warns of RCE Vulnerabilities in Older DIR-878 Routers

D-Link Warns of RCE Vulnerabilities in Older DIR-878 Routers D-Link has issued a warning about three separate remote code execution (RCE) vulnerabilities in the DIR-878 router. The issues affect all models and hardware revisions of these routers. However, the devices have been unsupported since 2021, so patches will not be