A dedicated command-line tool, fix-react2shell-next, to help developers immediately detect and patch the critical “React2Shell” vulnerability (CVE-2025-66478). This new scanner offers a one-line solution to identify vulnerable versions of Next.js and React Server Components (RSC). Automatically apply the required security updates…
CISA Releases New AI-in-OT Security Guidance: Key Principles & Risks
CISA and global partners issue new guidance for secure AI integration in operational technology, highlighting risks, governance, behavioral analytics, and OT safety. The post CISA Releases New AI-in-OT Security Guidance: Key Principles & Risks appeared first on Security Boulevard. This…
December 2025 Patch Tuesday forecast: And it’s a wrap
It’s hard to believe that we’re in December of 2025 already and the end of the year is fast approaching. Looking back on the year, there are two major items that really stand out in my mind. First, there is…
MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign
The Iranian hacking group known as MuddyWater has been observed leveraging a new backdoor dubbed UDPGangster that uses the User Datagram Protocol (UDP) for command-and-control (C2) purposes. The cyber espionage activity targeted users in Turkey, Israel, and Azerbaijan, according to…
Malicious Go Packages Mimic as Google’s UUID Library to Exfiltrate Sensitive Data
Security researchers have uncovered a long-running supply chain attack targeting the Go programming community. The Socket Threat Research Team recently identified two malicious packages, github.com/bpoorman/uuid and github.com/bpoorman/uid, that have been silently stealing data from unsuspecting developers for years. The attack relies on…
Critical React2Shell RCE Vulnerability Exploited in the Wild to Execute Malicious Code
A critical remote code execution vulnerability, tracked as CVE-2025-55182 and dubbed “React2Shell,” is now under active exploitation in the wild. GreyNoise researchers have detected opportunistic, largely automated exploitation attempts targeting the unsafe deserialization flaw in the React Server Components Flight…
Predator Spyware Company Used 15 Zero-Days Since 2021 to Target iOS Users
A commercial spyware company called Intellexa has exploited 15 zero-day vulnerabilities since 2021 to target iOS and Android users worldwide. The company, known for developing the Predator spyware, continues operations despite being sanctioned by the US government. The threats remain…
The Bastion: Open-source access control for complex infrastructure
Operational teams know that access sprawl grows fast. Servers, virtual machines and network gear all need hands-on work and each new system adds more identities to manage. A bastion host tries to bring order to this problem. It acts as…
NVIDIA research shows how agentic AI fails under attack
Enterprises are rushing to deploy agentic systems that plan, use tools, and make decisions with less human guidance than earlier AI models. This new class of systems also brings new kinds of risk that appear in the interactions between models,…
Critical Vulnerabilities Found in GitHub Copilot, Gemini CLI, Claude, and Other AI Tools Affect Millions
A groundbreaking security research project has uncovered a new class of vulnerabilities affecting virtually every major AI-powered integrated development environment (IDE) and coding assistant on the market. Dubbed “IDEsaster,” this attack chain exploits fundamental features of underlying IDE platforms to…
Critical React2Shell RCE Flaw Actively Exploited to Run Malicious Code
A critical remote code execution vulnerability in React Server Components has emerged as an active exploitation target, with security researchers observing widespread automated attacks across the internet. The flaw, tracked as CVE-2025-55182 and dubbed “React2Shell,” affects React and downstream ecosystems, including the…
Shanya EDR Killer: The New Favorite Tool for Ransomware Operators
A sophisticated new “packer-as-a-service” tool known as Shanya has emerged in the cybercriminal underground, rapidly becoming a preferred weapon for major ransomware groups looking to neutralize endpoint defenses. According to new research from Sophos, Shanya is an evolution in the…
Critical Cal.com Flaw Allows Attackers to Bypass Authentication Using Fake TOTP Codes
Cal.com has disclosed a critical authentication bypass vulnerability that could allow attackers to gain unauthorized access to user accounts by exploiting a flaw in password verification logic. The flaw, tracked as CVE-2025-66489 and assigned a critical CVSS v4 score of…
Indonesia’s Gambling Industry Reveals Clues of Nationwide Cyber Involvement
A massive Indonesian-speaking cybercrime operation spanning over 14 years has been uncovered, revealing a sophisticated infrastructure that shows hallmarks of state-level backing and resources typically associated with advanced persistent threat actors. Security researchers at Malanta have exposed what may be…
How to tell if your password manager meets HIPAA expectations
Most healthcare organizations focus on encryption, network monitoring, and phishing prevention, although one simple source of risk still slips through the cracks. Password management continues to open doors for attackers more often than leaders expect. Weak, reused, or shared passwords…
Development Tools May Allow Remote Compromise
Explosive React Vulnerability and AI Tool Flaws Uncovered: Major Implications for Cybersecurity. In this episode of Cybersecurity Today, host David Shipley discusses a new significant React vulnerability, React2Shell, that has caused widespread confusion and debate in the security community. This…
Ex-Employee Sues Washington Post Over Oracle EBS-Related Data Breach
The Washington Post last month reported it was among a list of data breach victims of the Oracle EBS-related vulnerabilities, with a threat actor compromising the data of more than 9,700 former and current employees and contractors. Now, a former…
CISOs are spending big and still losing ground
Security leaders are entering another budget cycle with more money to work with, but many still feel no safer. A new benchmark study from Wiz shows a widening gap between investment and impact. Budgets keep rising, cloud programs keep expanding,…
Invisible IT is becoming the next workplace priority
IT leaders want their employees to work without running into digital hurdles, but many still struggle with fragmented systems that slow teams down. A new report from Lenovo sheds light on how widespread the problem has become and what organizations…
Block all AI browsers for the foreseeable future: Gartner
Analysts worry lazy users could have agents complete mandatory infosec training, and attackers could do far nastier things. Agentic browsers are too risky for most organizations to use, according to analyst firm Gartner.…
IT Security News Hourly Summary 2025-12-08 06h : 1 posts
1 posts were published in the last hour 4:31 : React2Shell Exploited Within Hours as Firms Rush to Patch
React2Shell Exploited Within Hours as Firms Rush to Patch
Two hacking groups linked to China have started exploiting a major security flaw in React Server Components (RSC) only hours after the vulnerability became public. The flaw, tracked as CVE-2025-55182 and widely called React2Shell, allows attackers to gain unauthenticated…
NETREAPER Offensive Security Toolkit That Wraps 70+ Penetration Testing Tools
A unified offensive security toolkit, NETREAPER, developed by OFFTRACKMEDIA Studios, consolidates over 70 penetration testing tools into a single, user-friendly command-line interface. This innovation eliminates the chaos of juggling multiple terminals, forgetting syntax, and managing disparate tools. Before NETREAPER, penetration…
ISC Stormcast For Monday, December 8th, 2025 https://isc.sans.edu/podcastdetail/9728, (Mon, Dec 8th)