Russian Scammers Target Crypto Influencers with Infostealers
Crazy Evil, a group of crypto scammers, exploit NFTs and cryptocurrencies with malware targeting influencers and tech professionals
Stay informed on the latest exploit trends and vulnerabilities. Get expert insights and updates on information security exploits with our dedicated tag.
Search across headline titles and summaries.
Background for this topic.
An exploit is code, data, or a sequence of actions that uses a software, hardware, or configuration vulnerability to produce unintended behavior. Depending on the flaw and the attacker’s access, it may enable unauthorized code execution, privilege escalation, information disclosure, or denial of service. Exploitation can occur remotely through exposed services, web applications, or client software, or locally after an attacker gains limited access.
Exploitation matters because a vulnerability becomes an active attack path when the required conditions are reachable and exploitable. Defenders should inventory affected assets, prioritize remediation when exploitation is known or credible, apply patches or vendor mitigations, and reduce exposure through access controls, segmentation, and secure configuration. Monitoring for exploit-specific indicators—such as abnormal requests, unexpected processes, or privilege changes—supports detection; systems suspected of successful exploitation require containment and investigation for follow-on access.
Crazy Evil, a group of crypto scammers, exploit NFTs and cryptocurrencies with malware targeting influencers and tech professionals
Hackers Unlikley to Exploit Flaws in The WildSecurity researchers found an unpatchable flaw in the system that prevents commercial aircraft from crashing into each other, the U.S. federal government said in a Tuesday advisory that called the likelihood of its exploitation "unlikely" outside of a laboratory setting
No in-the-wild exploits … yet Cisco has pushed a patch for a critical, 9.9-rated vulnerability in its Meeting Management tool that could allow a remote, authenticated attacker with low privileges to escalate to administrator on affected devices.…
APIs are the backbone of modern applications, enabling connectivity and functionality across diverse systems. However, the growing complexity of API ecosystems introduces vulnerabilities that attackers exploit to disrupt operations, steal data, or launch other malicious activities. Without real-time visibility and robust threat detection, businesses face significant risks.
An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices' firmware as well as misconfigured security features
Experts warn not to take leaks lightly as years-long compromises could remain undetected Thousands of email addresses included in the Belsen Group's dump of FortiGate configs last week are now available online, revealing which organizations may have been impacted by the 2022 zero-day exploits.…
Cisco has released security updates to patch a ClamAV denial-of-service (DoS) vulnerability, which has proof-of-concept (PoC) exploit code. [...]
On the first day of Pwn2Own Automotive 2025, security researchers exploited 16 unique zero-days and collected $382,750 in cash awards. [...]
Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denial-of-service (DDoS) attacks
Seven days after disclosure and little action taken, data shows Fortinet customers need to get with the program and apply the latest updates as nearly 50,000 management interfaces are still vulnerable to the latest zero-day exploit.…
Murdoc_Botnet used Mirai malware to exploit IoT vulnerabilities, targeting devices globally
Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc_Botnet