React2Shell (CVE-2025-55182) is a critical, pre-auth remote code execution weakness in React Server Components that impacts multiple React versions used across the React 19 ecosystem. WXA Internet Abuse Signal Collective (WXA IASC) is inaugurating To Cache A Predator, a threat research…
Tag: EN
New ‘SSHStalker’ Linux Botnet Uses Old Techniques
Estimated to have infected 7,000 systems, the botnet uses a mass-compromise pipeline, deploying various scanners and malware. The post New ‘SSHStalker’ Linux Botnet Uses Old Techniques appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Flickr Reveals Data Breach Originating From Third Party Systems
A security incident affecting the user data of popular photo sharing platform Flickr has been confirmed to be the result of a compromise within a third-party service integrated into Flickr’s operation, rather than the company’s core infrastructure. According to…
Singapore Telecoms Hit by China-Linked Cyber Espionage
Singapore’s cyber watchdog has disclosed that an advanced cyber espionage group — UNC3886, with which APT10 and Red October have been linked — was behind attacks that targeted the four major telecom operators last year. The affected companies were Singtel,…
Cybersecurity Breaches Emerge as top Business Risk for Indian Companies
Cybersecurity breaches and attacks have become the leading threat to business performance for Indian companies, with 51% of senior executives identifying them as their primary risk, according to a new survey released by FICCI and EY. The FICCI-EY Risk…
Birmingham Mental Health Authority Alerts More than 30,000 People to Ransomware-linked Data Breach
A public mental health authority in Birmingham, Alabama has notified more than 30,000 individuals that their personal and medical information may have been exposed in a data breach linked to a ransomware attack late last year. The informed 30,434…
Social Media Companies Accused Of Building ‘Casinos’
First of many cases in US begins, with plaintiff lawyer comparing addictive social media platforms to digital casinos This article has been indexed from Silicon UK Read the original article: Social Media Companies Accused Of Building ‘Casinos’
Silicon In Focus Podcast: Building Inclusive Tech Teams: Skills, AI, and the Future of Work
Exploring inclusive tech teams, AI, skills and the future of work with insights from Workday on building diverse, human-centric digital enterprises. This article has been indexed from Silicon UK Read the original article: Silicon In Focus Podcast: Building Inclusive Tech…
APT36 Targets Linux Systems With New Tools Designed to Disrupt Services
Critical infrastructure worldwide faces mounting threats from sophisticated, state-sponsored “espionage ecosystems.” These well-funded organizations deploy various tools designed to disrupt essential services and gather intelligence. Some launch denial-of-service (DDoS) attacks against transport hubs and supply chains. In contrast, others seek…
Socelars Malware Targets Windows Systems to Steal Sensitive Data
Security researchers are tracking Socelars, an information-stealing Trojan aimed at Windows users that focuses on quietly harvesting browser-based access rather than damaging files. The malware is designed to collect authenticated session data and other system identifiers that can let attackers reuse…
Senegal shuts National ID office after ransomware attack
Senegal closed its national ID card office after a ransomware cyberattack disrupted ID, passport, and biometric services. Senegal confirmed a cyberattack on the Directorate of File Automation, the government office that manages national ID cards, passports, and biometric data. After…
ZAST.AI Raises $6M Pre-A to Scale “Zero False Positive” AI-Powered Code Security
January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI’s total funding close to $10 million. This marks a recognition from…
Singapore Takes Down Chinese Hackers Targeting Telco Networks
Operation Cyber Guardian was Singapore’s largest and longest running anti-cyber threat law enforcement operation This article has been indexed from www.infosecurity-magazine.com Read the original article: Singapore Takes Down Chinese Hackers Targeting Telco Networks
Pride Month Phishing Targets Employees via Trusted Email Services
Attackers are using Pride Month themed phishing emails to target employees worldwide, abusing trusted email platforms like SendGrid to harvest credentials. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
UNC1069 Targets Financial Firms With New Tools and AI-Driven Social Engineering Attacks
North Korean threat actor UNC1069 has escalated attacks against the cryptocurrency and decentralized finance (DeFi) sector using sophisticated AI-powered social engineering tactics and seven distinct malware families, according to a recent Mandiant investigation. The financially motivated group, active since 2018,…
Threat Actors Weaponize Bing Ads for Azure Tech Support Scams
A sophisticated tech support scam campaign has emerged, exploiting malicious advertisements on Bing search results to redirect victims to fraudulent websites hosted on Microsoft’s Azure Blob Storage platform. The attack, first detected on February 2, 2026, affected users across 48…
Unpatched SolarWinds WHD instances under active attack
Internet‑exposed and vulnerable SolarWinds Web Help Desk (WHD) instances are under attack by threat actors looking to gain an initial foothold into target organizations’ networks, Microsoft and Huntress researchers have warned. Once inside, the attackers are deploying legitimate remote access…
NCSC Issues Warning Over “Severe” Cyber-Attacks Targeting Critical National Infrastructure
NCSC call firms to ‘act now’ following disruptive malware attacks targeting Polish energy providers This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Issues Warning Over “Severe” Cyber-Attacks Targeting Critical National Infrastructure
BeyondTrust Patches Critical RCE Vulnerability
Affecting both RS and PRA, the bug can be exploited remotely via crafted requests without authentication. The post BeyondTrust Patches Critical RCE Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: BeyondTrust Patches…
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance. The incident took place on January 29, 2026, when a mail server that was not updated to the latest version…