A proof-of-concept (PoC) exploit for CVE-2025-55182, a maximum-severity remote code execution (RCE) flaw in React Server Components, surfaced publicly this week, heightening alarms for developers worldwide. Dubbed “React2Shell” by some researchers, the vulnerability carries a CVSS score of 10.0 and…
Tag: EN
China-Nexus Hackers Actively Exploiting React2Shell Vulnerability in The Wild
China-nexus threat groups are racing to weaponize the new React2Shell bug, tracked as CVE-2025-55182, only hours after its public disclosure. The flaw sits in React Server Components and lets an attacker run code on the server without logging in. Early…
CISA and NSA Warn of BRICKSTORM Malware Attacking VMware ESXi and Windows Environments
The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Canadian Centre for Cyber Security (Cyber Centre) issued a joint advisory today, warning of a sophisticated new malware campaign orchestrated by People’s Republic of China (PRC)…
ISC Stormcast For Friday, December 5th, 2025 https://isc.sans.edu/podcastdetail/9726, (Fri, Dec 5th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, December 5th, 2025…
An AI for an AI: Anthropic says AI agents require AI defense
Automated software keeps getting better at pilfering cryptocurrency Anthropic could have scored an easy $4.6 million by using its Claude AI models to find and exploit vulnerabilities in blockchain smart contracts.… This article has been indexed from The Register –…
‘Signalgate’ Inspector General Report Wants Just One Change to Avoid a Repeat Debacle
The United States Inspector General report reviewing Secretary of Defense Pete Hegseth’s text messaging mess recommends a single change to keep classified material secure. This article has been indexed from Security Latest Read the original article: ‘Signalgate’ Inspector General Report…
China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182)
Within hours of the public disclosure of CVE-2025-55182 (React2Shell) on December 3, 2025, Amazon threat intelligence teams observed active exploitation attempts by multiple China state-nexus threat groups, including Earth Lamia and Jackpot Panda. This critical vulnerability in React Server Components…
SMS Phishers Pivot to Points, Taxes, Fake Retailers
China-based phishing groups blamed for non-stop scam SMS messages about a supposed wayward package or unpaid toll fee are promoting a new offering, just in time for the holiday shopping season: Phishing kits for mass-creating fake but convincing e-commerce websites…
React2Shell RCE Flaws Put React and Next.js Apps at Severe Risk
React2Shell exposes critical flaws that let attackers run code on millions of apps. The post React2Shell RCE Flaws Put React and Next.js Apps at Severe Risk appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
AI Agents Create Critical Supply Chain Risk in GitHub Actions
PromptPwnd shows how simple prompt injections can let attackers compromise GitHub Actions and leak sensitive data. The post AI Agents Create Critical Supply Chain Risk in GitHub Actions appeared first on eSecurity Planet. This article has been indexed from eSecurity…
U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a new OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OpenPLC ScadaBR flaw, tracked as CVE-2021-26828 (CVSS Score of 8.7), to its Known Exploited Vulnerabilities…
Qilin Ransomware Claims Data Theft from Church of Scientology
Qilin ransomware claims it stole internal data from the Church of Scientology, sharing 22 screenshots as proof. The breach remains unconfirmed by the organization. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and…
Cloudflare Has Blocked 416 Billion AI Bot Requests Since July 1
Cloudflare CEO Matthew Prince claims the internet infrastructure company’s efforts to block AI crawlers are already seeing big results. This article has been indexed from Security Latest Read the original article: Cloudflare Has Blocked 416 Billion AI Bot Requests Since…
PRC spies Brickstromed their way into critical US networks and remained hidden for years
‘Dozens’ of US orgs infected Chinese cyberspies maintained long-term access to critical networks – sometimes for years – and used this access to infect computers with malware and steal data, according to Thursday warnings from government agencies and private security…
Hegseth needs to go to secure messaging school, report says
He’s not alone: DoD inspector general says the whole Defense Department has a messaging security problem US Defense Secretary Pete Hegseth definitely broke the rules when he sent sensitive information to a Signal chat group, say Pentagon auditors, but he’s…
Critical Vulnerabilities in React Server Components and Next.js
We discuss the CVSS 10.0-rated RCE vulnerabilities in the Flight protocol used by React Server Components. These are tracked as CVE-2025-55182 and CVE-2025-55182-66478. The post Critical Vulnerabilities in React Server Components and Next.js appeared first on Unit 42. This article…
Socomec DIRIS Digiware M series and Easy Config, PDF XChange Editor vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed an out-of-bounds read vulnerability in PDF XChange Editor, and ten vulnerabilities in Socomec DIRIS Digiware M series and Easy Config products. The vulnerabilities mentioned in this blog post have been patched…
LummaC2 Infects North Korean Hacker Device Linked to Bybit Heist
LummaC2 infostealer infects North Korean hacker’s device, exposing ties to $1.4B Bybit heist and revealing tools, infrastructure and OPSEC failures. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read the original…
FBI Says DC Pipe Bomb Suspect Brian Cole Kept Buying Bomb Parts After January 6
The 30-year-old Virginia resident evaded capture for years after authorities discovered pipe bombs planted near buildings in Washington, DC, the day before the January 6, 2021, Capitol attack. This article has been indexed from Security Latest Read the original article:…
Marquis data breach impacted more than 780,000 individuals
Hackers breached fintech firm Marquis, stealing personal and financial data, the security breach impacted over 780,000 people. Hackers breached fintech firm Marquis and stole personal and financial data, including names, addresses, SSNs, and card numbers, impacting over 780,000 people. Marquis…