The Exploit Post

Sign in Subscribe

News

News

Vulnerability in Notepad++ Allowed Distribution of Malicious Updates

Vulnerability in Notepad++ Allowed Distribution of Malicious Updates

Notepad++ released version 8.8.9 to fix a vulnerability in its auto-update mechanism that allowed attackers to distribute malware instead of legitimate updates. The flaw enabled man-in-the-middle attacks that redirected update downloads to malicious executables. Users first reported the issue on Notepad++ community forums. One user noted that the

Extortionists Blackmail PornHub After Stealing Premium Subscribers' Data

Extortionists Blackmail PornHub After Stealing Premium Subscribers' Data

The ShinyHunters hacking group is extorting money from PornHub, claiming to have stolen browsing histories and search queries of premium subscribers. PornHub confirmed the data leak stems from the November compromise of analytics service Mixpanel, which fell victim to SMS phishing. PornHub reported the leak occurred after Mixpanel's

Zero-Day Vulnerability Discovered in RasMan; Only Unofficial Patch Available

Zero-Day Vulnerability Discovered in RasMan; Only Unofficial Patch Available

A zero-day vulnerability in Windows Remote Access Connection Manager (RasMan) enables denial-of-service attacks and, when combined with another flaw, privilege escalation. Microsoft hasn't released a patch, but Acros Security published a free temporary fix through its 0patch platform. RasMan is a Windows system service that starts automatically, runs

North Korean Hackers Deploy EtherRAT Malware Through Critical React2Shell Vulnerability

North Korean Hackers Deploy EtherRAT Malware Through Critical React2Shell Vulnerability

North Korean threat actors exploited a critical vulnerability in React's server components just two days after public disclosure, deploying sophisticated malware that uses Ethereum smart contracts for command and control. Security researchers at Sysdig discovered the new malware, named EtherRAT, within a compromised Next.js application. The speed

JS#SMUGGLER Campaign Weaponizes Compromised Websites to Distribute NetSupport RAT

JS#SMUGGLER Campaign Weaponizes Compromised Websites to Distribute NetSupport RAT

Attackers are compromising legitimate websites and converting them into distribution infrastructure for NetSupport RAT, a remote access trojan that provides complete control over infected systems. Security researchers at Securonix identified the campaign, named JS#SMUGGLER, which uses multi-stage infection chains involving obfuscated JavaScript, HTML applications, and PowerShell payloads. NetSupport RAT

Spanish Police Arrest Teenager Over Theft and Sale of 64 Million Records

Spanish Police Arrest Teenager Over Theft and Sale of 64 Million Records

Spanish National Police arrested a 19-year-old suspect accused of stealing 64 million personal records from nine companies and selling the data through underground forums. The case raises questions about how a teenager gained access to multiple corporate databases and whether the breached companies have notified affected individuals. The suspect faces

DroidLock Android Malware Combines Screen Locking, Remote Access, and Ransom Demands

DroidLock Android Malware Combines Screen Locking, Remote Access, and Ransom Demands

Security researchers at Zimperium identified Android malware that locks victims' device screens while establishing comprehensive remote control capabilities. The threat, named DroidLock, demands ransom payments to unlock devices while maintaining VNC access for data theft and surveillance. DroidLock represents an evolution beyond simple screen-locking ransomware. The malware combines device