Security news aggregator

Latest coverage for Exploit

Stay informed on the latest exploit trends and vulnerabilities. Get expert insights and updates on information security exploits with our dedicated tag.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

An exploit is code, data, or a sequence of actions that uses a software, hardware, or configuration vulnerability to produce unintended behavior. Depending on the flaw and the attacker’s access, it may enable unauthorized code execution, privilege escalation, information disclosure, or denial of service. Exploitation can occur remotely through exposed services, web applications, or client software, or locally after an attacker gains limited access.

Exploitation matters because a vulnerability becomes an active attack path when the required conditions are reachable and exploitable. Defenders should inventory affected assets, prioritize remediation when exploitation is known or credible, apply patches or vendor mitigations, and reduce exposure through access controls, segmentation, and secure configuration. Monitoring for exploit-specific indicators—such as abnormal requests, unexpected processes, or privilege changes—supports detection; systems suspected of successful exploitation require containment and investigation for follow-on access.

Showing 11 most recent headlines Filtered view
Bank Info Security 1 year, 9 months ago

Linux Distros Patching Printer Hijacking Flaw

Exploitation Requires Victim to Print On Rogue PrinterAttackers can exploit a series of vulnerabilities in the OpenPrinting Common Unix Printing System utility to remotely execute arbitrary code on certain machines. Major Linux distributions reacted Friday by releasing patches. Exploitation requires a victim to attempt to print from a malicious device.

No fix plus a POC exploit equals bad news Details about a critical, 9.9-rated unauthenticated RCE affecting all GNU/Linux systems — and possibly others — will soon be revealed, according to bug hunter Simone Margaritelli, who says there's still no fix for the decade-old flaw he disclosed to developers three weeks ago.…

Bank Info Security 1 year, 9 months ago

Cryptohack Roundup: BingX, Truflation Exploits

Also: Reimbursements in Banana Gun Hack; Germany Shutters 47 ExchangesThis week, BingX, Truflation, OpenAI X account hacked; Germany shut 47 exchanges; Caroline Ellison sentenced; two got crypto theft charges; one got crypto scam fine; Banana Gun will refund victims; WazirX, Liminal in dispute; SEC settled with TrueCoin, TrustToken; CFTC may settle with Mango Markets.

Bank Info Security 1 year, 9 months ago

Fake Paystubs Are Draining Billions From Lenders

How AI Could Solve Failings of Traditional Employment and Income VerificationFake paystub generators and unscrupulous businesses have made it easy for fraudsters to exploit outdated employment and income verification systems that account for $3.6 billion in losses for auto lenders alone, but AI-driven solutions are emerging as a game-changing defense.

No malware crew linked to this latest red-teaming tool yet Attackers are using Splinter, a new post-exploitation tool, to wreak havoc in victims' IT environments after initial infiltration, utilizing capabilities such as executing Windows commands, stealing files, collecting cloud service account info, and downloading additional malware onto victims' systems.…

A suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific (APAC) region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools