The Exploit Archives

The Exploit Archives

The Exploit Archives is a cybersecurity podcast that dives deep into real-world vulnerabilities — and the exploits that took advantage of them. Each week, we unpack a specific flaw in the digital world: how it worked, what made it dangerous, and how attackers used it, from infamous zero-days and ransomware incidents to lesser-known bugs with serious impact. Whether you’re just starting out or already deep into cybersecurity, we decode each case with clarity, precision, and real-world context. Also available on YouTube. Discover. Decode. Lock in

Author

The Exploit Archives

Category

Technology

Podcast website

podcasters.spotify.com

Latest episode

Jun 21, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

Log4Shell: A Single Line of Text That Nearly Broke The Internet 21.06.2026

CVE-2021-44228 allowed attackers to execute code through a single string.. Triggering one of the largest vulnerability responses on the internet. In this episode of The Exploit Archives , we break down how Log4Shell worked, why it spread so far, and the lessons it exposed about modern software dependencies. Support the show: ⁠⁠⁠⁠⁠⁠⁠The Exploit Archives⁠⁠⁠⁠ ⁠ Youtube: ⁠⁠⁠⁠⁠⁠ ⁠The Exploit Archives -...

Drupalgeddon 2: When Hackers Went Beyond the Database - CVE-2018-7600 05.02.2026

CVE-2018-7600 - a crafted request turned thousands of websites into attacker control panels. In this episode of The Exploit Archives , we break down how Drupal was compromised again, how it worked and why RCE is still one of the worst outcomes for web platforms. Support the show: ⁠⁠⁠⁠⁠⁠The Exploit Archives⁠⁠⁠⁠ Youtube: ⁠⁠⁠⁠⁠⁠ The Exploit Archives - Youtube Weekly episodes! Tags: CVE breakdown, cyb...

Drupalgeddon: How One Bug Hacked Thousands of Sites: CVE-2014-3704 29.01.2026

CVE-2014-3704 - a single vulnerability in Drupal, one of the web's biggest content management. In this episode of The Exploit Archives , we break down how this silent bug in Drupal's code turned into global exploitation within hours, why thousands of sites were compromised, and what lessons it left behind. Stay tuned for Part Two. Support the show: The Exploit Archives Youtube: ⁠⁠⁠⁠⁠The Ex...

The Backdoor That Almost Broke Linux: CVE-2024-3094 28.08.2025

CVE-2024-3094 - a backdoor hidden inside XZ Utils, the tiny compression library bundled into millions of Linux systems. In this episode of The Exploit Archives , we break down how a trusted maintainer slipped in the malicious code, how close it came to being unleashed, and what this betrayal means for the future of open-source security. Support the show: ⁠⁠⁠⁠The Exploit Archives⁠⁠⁠⁠ Youtube: ⁠⁠⁠⁠T...

The Triple Threat in NVIDIA Triton: CVE-2025-23334/23320/23319 21.08.2025

CVE-2025-23334, CVE 2025-23320, CVE-2025-23319 - three vulnerabilities in NVIDIA's Triton Inference Server that chain together, getting more critical each time. In this episode of The Exploit Archives , we break down this "Triple Threat", how these flaws work, why they matter for AI security, and what lessons they hold for protecting machine learning infrastructure. Support the show:...

How Weak Cryptography Made Rucky Vulnerable - CVE-2021-41096 14.08.2025

CVE-2021-41096 - a flaw in Rucky , the open-source Android app that turns your phone into a “Rubber Ducky” style hacking tool. It exposed just how dangerous weak cryptography can be. In this episode of The Exploit Archives , we break down how the flaw worked, why it mattered, and how a simple cryptographic misstep turned a pentesting tool into a potential attack vector. Support the show: ⁠⁠The Exp...

Spectre: The Invisible Threat Inside Your CPU - CVE-2017-5753 & CVE-2017-5715 07.08.2025

CVE-2017-5753 & CVE-2017-5715 – better known as Spectre – exposed a terrifying truth: your CPU could be exploited. This wasn’t a software flaw. It was a vulnerability baked into the hardware of nearly every modern processor. And it wasn’t just theoretical. Attackers could steal passwords, encryption keys, and sensitive data... without ever touching the system. In this episode of The Exploit Archiv...

Baron Samedit: The Sudo Bug That Gave Root Access - CVE-2021-3156 31.07.2025

CVE-2021-3156 - was one of the most shocking privilege escalation bugs ever found in Linux. Hidden in sudo for nearly a decade, this flaw let any user with shell access become root instantly - no passwords, no exploit chains, just power. In this episode of The Exploit Archives , we break down how the bug worked, why it was so dangerous, and how a quiet code review uncovered a flaw sitting in plain...

The BIG-IP Bug That Let Attackers Walk In - CVE-2022-1388 24.07.2025

CVE-2022-1388 — an authentication bypass in F5’s BIG-IP systems that gave attackers the keys to the kingdom. No password. No login. Just one carefully crafted request… and full root access. In this episode of The Exploit Archives , we break down how this critical flaw let remote attackers take over enterprise infrastructure, why so many systems were exposed, and how the exploit unfolded in the wil...

How Crime Groups Pivoted Deep Inside Enterprise Networks - CVE-2021-21973 17.07.2025

CVE-2021-21973: It was quiet, it was technical, and it was everything cybercrime groups needed to get their foot in the door. In this episode of The Exploit Archives , we unravel how this vulnerability let attackers pivot deep inside Enterprise environments - no login, no malware, just a crafted request and a misconfigured proxy. From reconnaissance to lateral movement, this wasn't just an exploit...

The RDP Bug That Could've Been Another WannaCry - CVE-2019-0708 16.07.2025

CVE-2019-0708 — a critical remote desktop vulnerability in Microsoft Windows, better known as BlueKeep. It had the potential to become the next WannaCry — wormable, deadly, and lurking in millions of systems. In this episode of The Exploit Archives , we explore how BlueKeep works, the panic it caused in the infosec world, and why—despite the hype—it never exploded the way experts feared. Support t...

How a Simple Office Doc Triggered Global Exploits - CVE-2017-11882 15.07.2025

CVE-2017-11882 is a remote code execution vulnerability in Microsoft’s legacy Equation Editor. A flaw that silently persisted for over 17 years. In this episode of The Exploit Archives , we break down how attackers embedded weaponised payloads into Word documents and triggered silent exploits with zero user interaction. Learn how this vulnerability worked, why it stuck around for so long, and how...

Listen to the The Exploit Archives podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.