The Exploit Post

Sign in Subscribe

News

News

ChimeraWire Trojan Manipulates Search Rankings Through Browser Automation

ChimeraWire Trojan Manipulates Search Rankings Through Browser Automation

Security researchers at Doctor Web discovered a trojan that mimics human browsing behavior to artificially inflate website traffic and manipulate search engine rankings. The malware, named ChimeraWire, targets Windows systems and represents a financially-motivated attack that monetizes infected machines through search engine optimization fraud. ChimeraWire builds on open-source projects zlsgo

Ransomware Groups Extracted $2.1 Billion from Victims Between 2022-2024

Ransomware Groups Extracted $2.1 Billion from Victims Between 2022-2024

Ransomware attackers collected over $2.1 billion in ransom payments during a three-year period that saw both explosive growth and a sudden decline in attack profitability, according to financial data analyzed by the U.S. Treasury Department's Financial Crimes Enforcement Network (FinCEN). The agency processed thousands of Bank

Google Builds Security Guardrails for AI Agents in Chrome

Google Builds Security Guardrails for AI Agents in Chrome

Google is preparing Chrome for a future where AI operates autonomously in your browser—and the company knows that future comes with serious security risks. The tech giant announced multi-layered protection for browser-based AI agents, systems that can independently open websites, read content, click buttons, fill forms, and execute complex

Ransomware Group Claims Massive Data Theft from Asus Supplier

Ransomware Group Claims Massive Data Theft from Asus Supplier

Asus confirmed that one of its suppliers suffered a ransomware attack, though the company maintains its own systems remain secure. The Everest ransomware group, however, tells a different story—claiming to have stolen one terabyte of data from three companies: Asus, Qualcomm, and ArcSoft. What Asus Says The company'

Half of Passwords Compromised in 2025 Were Already Leaked, Kaspersky Lab Reports

Half of Passwords Compromised in 2025 Were Already Leaked, Kaspersky Lab Reports

Analysis reveals users stick with weak passwords for 3.5-4 years despite repeated breaches. More than half of passwords compromised in 2025 had already appeared in previous data breaches, according to a large-scale analysis by Kaspersky Lab. The finding demonstrates that users continue relying on weak passwords and fail to

North Korean Hacker's Device Infected by Lumma Stealer, Exposes $1.4 Billion Bybit Heist Infrastructure

North Korean Hacker's Device Infected by Lumma Stealer, Exposes $1.4 Billion Bybit Heist Infrastructure

Malware logs reveal tools, credentials, and operational security failures tied to major cryptocurrency theft. A North Korean hacker linked to the $1.4 billion Bybit cryptocurrency heist became the victim of their own compromise. Researchers from Hudson Rock discovered that Lumma stealer malware had infected a device used in infrastructure

Chinese Hackers Exploit Critical React2Shell Bug Within Hours of Disclosure

Chinese Hackers Exploit Critical React2Shell Bug Within Hours of Disclosure

Over 30 organizations confirmed compromised. More than 77,000 servers remain vulnerable. Hours after security researchers disclosed the React2Shell vulnerability, malicious actors began exploiting the flaw in active attacks. Cybersecurity firms have confirmed breaches at more than 30 organizations across multiple sectors, while researchers estimate over 77,000 servers remain