The Exploit Post

Sign in Subscribe

News

News

Remote Code Execution Flaw in ImunifyAV Puts Millions of Websites at Risk

Remote Code Execution Flaw in ImunifyAV Puts Millions of Websites at Risk

A remote code execution (RCE) vulnerability in ImunifyAV, a malware scanner deployed across Linux hosting environments, creates significant exposure for tens of millions of websites. The flaw enables attackers to compromise the underlying host system through malicious file uploads. What ImunifyAV Is and Why This Matters ImunifyAV functions as a

The IndonesianFoods Worm Has Created Over 100,000 Malicious Packages in npm

The IndonesianFoods Worm Has Created Over 100,000 Malicious Packages in npm

A self-propagating worm called IndonesianFoods has infected npm, spawning new packages every seven seconds. According to Sonatype security researchers, the malware has already created over 100,000 packages, and the number continues to grow. The Worm's Naming Scheme The worm's name references its package naming pattern,

Operation Endgame: Law Enforcement Takes Down Over 1,000 Servers for Rhadamanthys, VenomRAT, and Elysium

Operation Endgame: Law Enforcement Takes Down Over 1,000 Servers for Rhadamanthys, VenomRAT, and Elysium

Law enforcement agencies from nine countries have dismantled over 1,000 servers used by the Rhadamanthys info-stealer, VenomRAT trojan, and Elysium botnet. This represents the latest phase of Operation Endgame, an international campaign against cybercrime coordinated by Europol and Eurojust. International Cooperation The operation brought together agencies from Australia, Canada,

Android-Based Digital Photo Frames Load Malware During Startup

Android-Based Digital Photo Frames Load Malware During Startup

Security researchers have discovered that Uhale digital photo frames running Android contain multiple critical vulnerabilities. Even more concerning, some models automatically download and execute malware during the boot process. Discovery and Disclosure Attempt Researchers from Quokka, a mobile security firm, analyzed the Uhale application and identified activity linked to two

Hackers Used Citrix and Cisco ISE Zero-Day Vulnerabilities in Their Attacks

Hackers Used Citrix and Cisco ISE Zero-Day Vulnerabilities in Their Attacks

Amazon's threat intelligence team has uncovered attacks exploiting two critical zero-day vulnerabilities: CVE-2025-5777 (dubbed "Citrix Bleed 2") in NetScaler ADC/Gateway and CVE-2025-20337 in Cisco Identity Services Engine (ISE). The findings reveal that attackers were exploiting these flaws weeks before the vendors disclosed them or released

Microsoft Patches Zero-Day Vulnerability in Windows Kernel

Microsoft Patches Zero-Day Vulnerability in Windows Kernel

This week, Microsoft released its November security updates, addressing 63 vulnerabilities across its product line. The most serious among them is CVE-2025-62215, a zero-day flaw in the Windows kernel that attackers are actively exploiting in the wild. Patch Tuesday Overview Four vulnerabilities received Critical severity ratings, while 59 were classified

Malware in npm Registry Turns Out to Be GitHub's Own Red Team Exercise

Malware in npm Registry Turns Out to Be GitHub's Own Red Team Exercise

Researchers from Veracode discovered a malicious npm package named acitons/artifact that masqueraded as the legitimate actions/artifact package and targeted GitHub's own repositories. However, the "attack" turned out to be an internal Red Team exercise conducted by GitHub itself—one that inadvertently exposed the public