Exploit Blog- 2026 2025 2024 2023 2022 2021 2020 2019 2018
APT blog Attack blog BigBrother blog BotNet blog Cyber blog Cryptocurrency blog Exploit blog Hacking blog ICS blog Incident blog IoT blog Malware blog OS Blog Phishing blog Ransom blog Safety blog Security blog Social blog Spam blog Vulnerebility blog
DATE | NAME | Info | CATEG. | WEB |
| 1.2.26 | PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups | PeckBirdy is a sophisticated JScript-based C&C framework used by China-aligned APT groups to exploit LOLBins across multiple environments, delivering advanced backdoors to target gambling industries and Asian government entities. | Exploit blog | Trend Micro |
| 17.1.26 | A 0-click exploit chain for the Pixel 9 Part 3: Where do we go from here? | While our previous two blog posts provided technical recommendations for increasing the effort required by attackers to develop 0-click exploit chains, our experience finding, reporting and exploiting these vulnerabilities highlighted some broader issues in the Android ecosystem. This post describes the problems we encountered and recommendations for improvement. | Exploit blog | Project Zero |
| 17.1.26 | A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave | With the advent of a potential Dolby Unified Decoder RCE exploit, it seemed prudent to see what kind of Linux kernel drivers might be accessible from the resulting userland context, the mediacodec context. As per the AOSP documentation, the mediacodec SELinux context is intended to be a constrained (a.k.a sandboxed) context where non-secure software decoders are utilized. Nevertheless, using my DriverCartographer tool, I discovered an interesting device driver, /dev/bigwave that was accessible from the mediacodec SELinux context. | Exploit blog | Project Zero |
| 17.1.26 | A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby | Over the past few years, several AI-powered features have been added to mobile phones that allow users to better search and understand their messages. One effect of this change is increased 0-click attack surface, as efficient analysis often requires message media to be decoded before the message is opened by the user. | Exploit blog | Project Zero |
| 10.1.26 | CISA Known Exploited Vulnerabilities Surged 20% in 2025 | CISA’s Known Exploited Vulnerabilities (KEV) catalog grew by 20% in 2025, including 24 vulnerabilities exploited by ransomware groups. | Exploit blog |