Red Dog Security
@reddogsecurity.bsky.social
Cybersecurity Expert | Cyber Defense & Offensive Cybersecurity
Ransomware Group Claims Massive Data Theft from Asus Supplier
theexploitpost.com/ransomware-g...
theexploitpost.com/ransomware-g...
Ransomware Group Claims Massive Data Theft from Asus Supplier
Asus confirmed that one of its suppliers suffered a ransomware attack, though the company maintains its own systems remain secure. The Everest ransomware group, however, tells a different story—claimi...
theexploitpost.com
December 10, 2025 at 5:44 PM
Ransomware Group Claims Massive Data Theft from Asus Supplier
theexploitpost.com/ransomware-g...
theexploitpost.com/ransomware-g...
Chinese Hackers Exploit Critical React2Shell Bug Within Hours of Disclosure
theexploitpost.com/chinese-hack...
theexploitpost.com/chinese-hack...
Chinese Hackers Exploit Critical React2Shell Bug Within Hours of Disclosure
Over 30 organizations confirmed compromised. More than 77,000 servers remain vulnerable.
Hours after security researchers disclosed the React2Shell vulnerability, malicious actors began exploiting th...
theexploitpost.com
December 9, 2025 at 3:47 PM
Chinese Hackers Exploit Critical React2Shell Bug Within Hours of Disclosure
theexploitpost.com/chinese-hack...
theexploitpost.com/chinese-hack...
Critical XXE Vulnerability Patched in Apache Tika
theexploitpost.com/critical-xxe...
theexploitpost.com/critical-xxe...
Critical XXE Vulnerability Patched in Apache Tika
Apache developers have patched a critical vulnerability in Apache Tika—a widely-used toolkit for detecting and extracting metadata from various file formats. The flaw, identified as CVE-2025-66516, sc...
theexploitpost.com
December 8, 2025 at 2:17 PM
Critical XXE Vulnerability Patched in Apache Tika
theexploitpost.com/critical-xxe...
theexploitpost.com/critical-xxe...
Critical React Vulnerability Achieves Perfect 10 CVSS Score, Enables Unauthenticated Remote Code Execution
theexploitpost.com/critical-rea...
theexploitpost.com/critical-rea...
Critical React Vulnerability Achieves Perfect 10 CVSS Score, Enables Unauthenticated Remote Code Execution
A critical vulnerability in React has received a perfect 10.0 CVSS score, allowing attackers to execute code remotely on servers without authentication. The flaw, tracked as CVE-2025-55182 and dubbed ...
theexploitpost.com
December 5, 2025 at 2:24 PM
Critical React Vulnerability Achieves Perfect 10 CVSS Score, Enables Unauthenticated Remote Code Execution
theexploitpost.com/critical-rea...
theexploitpost.com/critical-rea...
Reposted by Red Dog Security
They need to release this video to the public
December 4, 2025 at 4:06 PM
They need to release this video to the public
Android Patched Two Zero-Day Vulnerabilities Under Active Attack
theexploitpost.com/android-patc...
theexploitpost.com/android-patc...
Android Patched Two Zero-Day Vulnerabilities Under Active Attack
Google released its December security update for Android, fixing 107 vulnerabilities across the operating system. Two of these were zero-day flaws that attackers had already exploited in targeted camp...
theexploitpost.com
December 4, 2025 at 4:09 PM
Android Patched Two Zero-Day Vulnerabilities Under Active Attack
theexploitpost.com/android-patc...
theexploitpost.com/android-patc...
Microsoft: Windows Update Hides Password Login Button
theexploitpost.com/microsoft-wi...
theexploitpost.com/microsoft-wi...
Microsoft: Windows Update Hides Password Login Button
Microsoft acknowledged a new problem affecting Windows 11 users who installed recent updates: the password authentication button vanishes from the lock screen, though the login method still functions....
theexploitpost.com
December 3, 2025 at 2:24 PM
Microsoft: Windows Update Hides Password Login Button
theexploitpost.com/microsoft-wi...
theexploitpost.com/microsoft-wi...
Police Shut Down Cryptomixer Service, Seize $29 Million in Cryptocurrency
theexploitpost.com/police-shut-...
theexploitpost.com/police-shut-...
Police Shut Down Cryptomixer Service, Seize $29 Million in Cryptocurrency
Law enforcement agencies in Switzerland and Germany have dismantled Cryptomixer, a major cryptocurrency mixing service that laundered approximately $1.5 billion in Bitcoin since 2016.
The takedown, c...
theexploitpost.com
December 2, 2025 at 3:24 PM
Police Shut Down Cryptomixer Service, Seize $29 Million in Cryptocurrency
theexploitpost.com/police-shut-...
theexploitpost.com/police-shut-...
Five Fluent Bit Vulnerabilities Threaten Cloud Infrastructures
theexploitpost.com/five-fluent-...
theexploitpost.com/five-fluent-...
Five Fluent Bit Vulnerabilities Threaten Cloud Infrastructures
Researchers at Oligo Security discovered five vulnerabilities in Fluent Bit that, when exploited in combination, could compromise entire cloud infrastructures, including Kubernetes clusters.
Fluent B...
theexploitpost.com
December 1, 2025 at 4:43 PM
Five Fluent Bit Vulnerabilities Threaten Cloud Infrastructures
theexploitpost.com/five-fluent-...
theexploitpost.com/five-fluent-...
Some Cisco products are vulnerable to the critical Erlang/OTP bug
Cisco developers are investigating the impact of the critical CVE-2025-32433 vulnerability related to remote code execution in Erlang/OTP on their products.
https://buff.ly/alNI2cf
Cisco developers are investigating the impact of the critical CVE-2025-32433 vulnerability related to remote code execution in Erlang/OTP on their products.
https://buff.ly/alNI2cf
Some Cisco products are vulnerable to the critical Erlang/OTP bug
Cisco developers are investigating the impact of a critical vulnerability, CVE-2025-32433, related to remote code execution in Erlang/OTP, on their products.
buff.ly
May 2, 2025 at 9:45 PM
Some Cisco products are vulnerable to the critical Erlang/OTP bug
Cisco developers are investigating the impact of the critical CVE-2025-32433 vulnerability related to remote code execution in Erlang/OTP on their products.
https://buff.ly/alNI2cf
Cisco developers are investigating the impact of the critical CVE-2025-32433 vulnerability related to remote code execution in Erlang/OTP on their products.
https://buff.ly/alNI2cf
🎣 Phishing in Pentesting: Strategic OSINT 🎣
Phishing thrives on meticulous OSINT—email lists, corporate writing styles, and DNSBL checks when reusing infrastructure. Even the most secure teams have weak links.
https://shorturl.at/esTba
#CyberSecurity #Phishing #Pentesting
Phishing thrives on meticulous OSINT—email lists, corporate writing styles, and DNSBL checks when reusing infrastructure. Even the most secure teams have weak links.
https://shorturl.at/esTba
#CyberSecurity #Phishing #Pentesting
May 2, 2025 at 2:21 PM
🎣 Phishing in Pentesting: Strategic OSINT 🎣
Phishing thrives on meticulous OSINT—email lists, corporate writing styles, and DNSBL checks when reusing infrastructure. Even the most secure teams have weak links.
https://shorturl.at/esTba
#CyberSecurity #Phishing #Pentesting
Phishing thrives on meticulous OSINT—email lists, corporate writing styles, and DNSBL checks when reusing infrastructure. Even the most secure teams have weak links.
https://shorturl.at/esTba
#CyberSecurity #Phishing #Pentesting
Critical zero-day vulnerability in SAP NetWeaver received an emergency patch
SAP has released out-of-band patches for NetWeaver and fixed a zero-day remote code execution (RCE) vulnerability. It is assumed that this problem is already being exploited for attacks.
https://buff.ly/7iyaYyE
SAP has released out-of-band patches for NetWeaver and fixed a zero-day remote code execution (RCE) vulnerability. It is assumed that this problem is already being exploited for attacks.
https://buff.ly/7iyaYyE
Critical zero-day vulnerability in SAP NetWeaver received an emergency patch
SAP has released unscheduled patches for NetWeaver, addressing a zero-day vulnerability linked to remote code execution (RCE).
buff.ly
May 1, 2025 at 9:24 PM
Critical zero-day vulnerability in SAP NetWeaver received an emergency patch
SAP has released out-of-band patches for NetWeaver and fixed a zero-day remote code execution (RCE) vulnerability. It is assumed that this problem is already being exploited for attacks.
https://buff.ly/7iyaYyE
SAP has released out-of-band patches for NetWeaver and fixed a zero-day remote code execution (RCE) vulnerability. It is assumed that this problem is already being exploited for attacks.
https://buff.ly/7iyaYyE
🎯 Social Engineering Targets Small Businesses 🎯
Mass attacks fail against big organizations, but small businesses often lack awareness, making them easy prey for tailored social engineering tactics.
https://shorturl.at/ec5Lb
#CyberSecurity #SocialEngineering #SmallBusiness
Mass attacks fail against big organizations, but small businesses often lack awareness, making them easy prey for tailored social engineering tactics.
https://shorturl.at/ec5Lb
#CyberSecurity #SocialEngineering #SmallBusiness
Unveiling Social Engineering: Tactics and Real-World Examples.
A Deep Dive into the Art of Deception and Techniques Used by Social Engineers.
shorturl.at
May 1, 2025 at 2:14 PM
🎯 Social Engineering Targets Small Businesses 🎯
Mass attacks fail against big organizations, but small businesses often lack awareness, making them easy prey for tailored social engineering tactics.
https://shorturl.at/ec5Lb
#CyberSecurity #SocialEngineering #SmallBusiness
Mass attacks fail against big organizations, but small businesses often lack awareness, making them easy prey for tailored social engineering tactics.
https://shorturl.at/ec5Lb
#CyberSecurity #SocialEngineering #SmallBusiness
An empty inetpub folder in Windows can block OS updates
Recently, Microsoft created an empty inetpub folder in Windows and asked users not to delete it, as it prevents the vulnerability from being exploited.
https://shorturl.at/qk90j
Recently, Microsoft created an empty inetpub folder in Windows and asked users not to delete it, as it prevents the vulnerability from being exploited.
https://shorturl.at/qk90j
April 30, 2025 at 10:20 PM
An empty inetpub folder in Windows can block OS updates
Recently, Microsoft created an empty inetpub folder in Windows and asked users not to delete it, as it prevents the vulnerability from being exploited.
https://shorturl.at/qk90j
Recently, Microsoft created an empty inetpub folder in Windows and asked users not to delete it, as it prevents the vulnerability from being exploited.
https://shorturl.at/qk90j
🚨 Conficker: The Malware That Refused to Die 🚨
This infamous worm, persisting for over a decade, exposes the dangers of neglecting updates and weak cybersecurity. A global cautionary tale—its legacy reminds us to stay vigilant.
https://shorturl.at/YxLqJ
This infamous worm, persisting for over a decade, exposes the dangers of neglecting updates and weak cybersecurity. A global cautionary tale—its legacy reminds us to stay vigilant.
https://shorturl.at/YxLqJ
April 30, 2025 at 5:35 PM
🚨 Conficker: The Malware That Refused to Die 🚨
This infamous worm, persisting for over a decade, exposes the dangers of neglecting updates and weak cybersecurity. A global cautionary tale—its legacy reminds us to stay vigilant.
https://shorturl.at/YxLqJ
This infamous worm, persisting for over a decade, exposes the dangers of neglecting updates and weak cybersecurity. A global cautionary tale—its legacy reminds us to stay vigilant.
https://shorturl.at/YxLqJ
🌐 Shodan: The Hacker's Search Engine 🌐
IoT devices like baby monitors and hospital equipment are exposed online for convenience, but at great risk. Shodan reveals hidden vulnerabilities.
https://shorturl.at/GW8MS
#CyberSecurity #Shodan #IoT #Vulnerabilities
IoT devices like baby monitors and hospital equipment are exposed online for convenience, but at great risk. Shodan reveals hidden vulnerabilities.
https://shorturl.at/GW8MS
#CyberSecurity #Shodan #IoT #Vulnerabilities
Shodan: The Hacker’s Search Engine
Exploring Shodan: Unveiling IoT Vulnerabilities and the Internet’s Hidden Layers
shorturl.at
April 29, 2025 at 7:07 PM
🌐 Shodan: The Hacker's Search Engine 🌐
IoT devices like baby monitors and hospital equipment are exposed online for convenience, but at great risk. Shodan reveals hidden vulnerabilities.
https://shorturl.at/GW8MS
#CyberSecurity #Shodan #IoT #Vulnerabilities
IoT devices like baby monitors and hospital equipment are exposed online for convenience, but at great risk. Shodan reveals hidden vulnerabilities.
https://shorturl.at/GW8MS
#CyberSecurity #Shodan #IoT #Vulnerabilities
🎣 Phishing: Know the Threats, Stay Secure 🎣
Phishing attacks exploit human psychology to steal data through fake emails and websites. Learn how social engineers target victims, their end goals, and tips to protect yourself.
https://shorturl.at/kSpGD
#CyberSecurity #Phishing #DataProtection
Phishing attacks exploit human psychology to steal data through fake emails and websites. Learn how social engineers target victims, their end goals, and tips to protect yourself.
https://shorturl.at/kSpGD
#CyberSecurity #Phishing #DataProtection
What is Phishing?
Understanding Phishing: Unmasking Tactics and Defenses Against Cyber Threats
shorturl.at
April 29, 2025 at 2:10 PM
🎣 Phishing: Know the Threats, Stay Secure 🎣
Phishing attacks exploit human psychology to steal data through fake emails and websites. Learn how social engineers target victims, their end goals, and tips to protect yourself.
https://shorturl.at/kSpGD
#CyberSecurity #Phishing #DataProtection
Phishing attacks exploit human psychology to steal data through fake emails and websites. Learn how social engineers target victims, their end goals, and tips to protect yourself.
https://shorturl.at/kSpGD
#CyberSecurity #Phishing #DataProtection
Attacks often succeed long before they start, thanks to OSINT. From finding open doors to gathering critical data, open-source intelligence is key to reducing costs and boosting efficiency for attackers.
https://shorturl.at/g88pr
#CyberSecurity #OSINT #Reconnaissance
https://shorturl.at/g88pr
#CyberSecurity #OSINT #Reconnaissance
OSINT — Open-Source Intelligence
Unveiling the Power of OSINT: The Critical Reconnaissance Phase of Cybersecurity
shorturl.at
April 28, 2025 at 6:22 PM
Attacks often succeed long before they start, thanks to OSINT. From finding open doors to gathering critical data, open-source intelligence is key to reducing costs and boosting efficiency for attackers.
https://shorturl.at/g88pr
#CyberSecurity #OSINT #Reconnaissance
https://shorturl.at/g88pr
#CyberSecurity #OSINT #Reconnaissance
🌐 DNS: Fake Records & Cyber Risks 🌐
DNS, the backbone of the web, can be exploited by fraudsters to hijack traffic, steal data, or create phishing sites. Imagine logging into a fake version of your bank!.
https://shorturl.at/b1qWH
#CyberSecurity #Phishing #DNS
DNS, the backbone of the web, can be exploited by fraudsters to hijack traffic, steal data, or create phishing sites. Imagine logging into a fake version of your bank!.
https://shorturl.at/b1qWH
#CyberSecurity #Phishing #DNS
DNS: Fake Records, Traffic Interception, and Other Horrors
Exposing the dark side of DNS: How fake records and traffic interception open the door to cybersecurity chaos.
shorturl.at
April 28, 2025 at 4:18 PM
🌐 DNS: Fake Records & Cyber Risks 🌐
DNS, the backbone of the web, can be exploited by fraudsters to hijack traffic, steal data, or create phishing sites. Imagine logging into a fake version of your bank!.
https://shorturl.at/b1qWH
#CyberSecurity #Phishing #DNS
DNS, the backbone of the web, can be exploited by fraudsters to hijack traffic, steal data, or create phishing sites. Imagine logging into a fake version of your bank!.
https://shorturl.at/b1qWH
#CyberSecurity #Phishing #DNS
🚨 Linux Kernel Vulnerability Alert 🚨
The io_uring interface allows rootkits to bypass security tools undetected. ARMO's Curing rootkit highlights the risks, prompting Google to disable io_uring by default on Android/ChromeOS.
https://shorturl.at/JnUD2
#Cybersecurity #LinuxKernel #io_uring
The io_uring interface allows rootkits to bypass security tools undetected. ARMO's Curing rootkit highlights the risks, prompting Google to disable io_uring by default on Android/ChromeOS.
https://shorturl.at/JnUD2
#Cybersecurity #LinuxKernel #io_uring
April 28, 2025 at 2:18 PM
🚨 Linux Kernel Vulnerability Alert 🚨
The io_uring interface allows rootkits to bypass security tools undetected. ARMO's Curing rootkit highlights the risks, prompting Google to disable io_uring by default on Android/ChromeOS.
https://shorturl.at/JnUD2
#Cybersecurity #LinuxKernel #io_uring
The io_uring interface allows rootkits to bypass security tools undetected. ARMO's Curing rootkit highlights the risks, prompting Google to disable io_uring by default on Android/ChromeOS.
https://shorturl.at/JnUD2
#Cybersecurity #LinuxKernel #io_uring
The Most Important Cybersecurity Events of March: Keenetic Experienced a User Data Breach, Cloudflare Launched a Maze to Trap AI Crawlers, a Cascading Supply Chain Attack Was Discovered in GitHub Actions
https://shorturl.at/8MDau
#cybersecurity
https://shorturl.at/8MDau
#cybersecurity
The Most Important Cybersecurity Events of March
This Month’s Highlights
shorturl.at
April 2, 2025 at 10:08 PM
The Most Important Cybersecurity Events of March: Keenetic Experienced a User Data Breach, Cloudflare Launched a Maze to Trap AI Crawlers, a Cascading Supply Chain Attack Was Discovered in GitHub Actions
https://shorturl.at/8MDau
#cybersecurity
https://shorturl.at/8MDau
#cybersecurity
New Android Trojan "Crocodilus" Steals Banking and Cryptocurrency App Data
A new Android banking malware called Crocodilus is forcing users to hand over their cryptocurrency wallet seed phrases under the pretext of creating a backup.
https://shorturl.at/SlUf1
A new Android banking malware called Crocodilus is forcing users to hand over their cryptocurrency wallet seed phrases under the pretext of creating a backup.
https://shorturl.at/SlUf1
April 2, 2025 at 7:01 PM
New Android Trojan "Crocodilus" Steals Banking and Cryptocurrency App Data
A new Android banking malware called Crocodilus is forcing users to hand over their cryptocurrency wallet seed phrases under the pretext of creating a backup.
https://shorturl.at/SlUf1
A new Android banking malware called Crocodilus is forcing users to hand over their cryptocurrency wallet seed phrases under the pretext of creating a backup.
https://shorturl.at/SlUf1
Researchers find backdoor in Unitree Go1 robotic dog
German cybersecurity firm discovers undocumented remote access tunnel in popular Chinese-made robotic canine.
https://shorturl.at/GXMK5
German cybersecurity firm discovers undocumented remote access tunnel in popular Chinese-made robotic canine.
https://shorturl.at/GXMK5
April 2, 2025 at 5:00 PM
Researchers find backdoor in Unitree Go1 robotic dog
German cybersecurity firm discovers undocumented remote access tunnel in popular Chinese-made robotic canine.
https://shorturl.at/GXMK5
German cybersecurity firm discovers undocumented remote access tunnel in popular Chinese-made robotic canine.
https://shorturl.at/GXMK5
Elevating Privileges in Windows via CVE-2024-30085
https://open.substack.com/pub/reddogsecurity/p/elevating-privileges-in-windows-insights?r=5awqb0&utm_campaign=post&utm_medium=web&showWelcomeOnShare=true
#windows, #cybersecurity, #exploit, #hacking, #onedrive, #alpc,
https://open.substack.com/pub/reddogsecurity/p/elevating-privileges-in-windows-insights?r=5awqb0&utm_campaign=post&utm_medium=web&showWelcomeOnShare=true
#windows, #cybersecurity, #exploit, #hacking, #onedrive, #alpc,
Elevating Privileges in Windows: Insights into CVE-2024-30085
Understanding the Vulnerability and Its Implications for System Security
open.substack.com
April 1, 2025 at 6:54 PM
Elevating Privileges in Windows via CVE-2024-30085
https://open.substack.com/pub/reddogsecurity/p/elevating-privileges-in-windows-insights?r=5awqb0&utm_campaign=post&utm_medium=web&showWelcomeOnShare=true
#windows, #cybersecurity, #exploit, #hacking, #onedrive, #alpc,
https://open.substack.com/pub/reddogsecurity/p/elevating-privileges-in-windows-insights?r=5awqb0&utm_campaign=post&utm_medium=web&showWelcomeOnShare=true
#windows, #cybersecurity, #exploit, #hacking, #onedrive, #alpc,
Hackers Hide Malware in WordPress Using MU-Plugins
Analysts at Sucuri have discovered that hackers are using the MU-plugins (Must-Use Plugins) directory in WordPress to conceal malicious code and execute it while avoiding detection.
https://shorturl.at/2Va4k
#wordpress, #osint, #AI, #cybersecurity
Analysts at Sucuri have discovered that hackers are using the MU-plugins (Must-Use Plugins) directory in WordPress to conceal malicious code and execute it while avoiding detection.
https://shorturl.at/2Va4k
#wordpress, #osint, #AI, #cybersecurity
Exploiting WordPress MU-Plugins: A Growing Threat to Website Security
How Hackers Are Leveraging Must-Use Plugins to Deploy Malicious Payloads and Evade Detection
shorturl.at
April 1, 2025 at 6:10 PM
Hackers Hide Malware in WordPress Using MU-Plugins
Analysts at Sucuri have discovered that hackers are using the MU-plugins (Must-Use Plugins) directory in WordPress to conceal malicious code and execute it while avoiding detection.
https://shorturl.at/2Va4k
#wordpress, #osint, #AI, #cybersecurity
Analysts at Sucuri have discovered that hackers are using the MU-plugins (Must-Use Plugins) directory in WordPress to conceal malicious code and execute it while avoiding detection.
https://shorturl.at/2Va4k
#wordpress, #osint, #AI, #cybersecurity