React2Shell flaw (CVE-2025-55182) exploited for remote code execution
Sophos analysts are investigating the widespread exploitation of a critical vulnerability dubbed ‘React2Shell’ that affects React Server Components versions 19.0.0,...
exploitation
JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability
JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability Pierluigi Paganini December 05, 2025 Array Networks AG gateways have...
China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems
Oct 31, 2025Ravie LakshmananEndpoint Security / Cyber Espionage The exploitation of a recently disclosed critical security flaw in Motex Lanscope...
Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data
Counter Threat Unit™ (CTU) researchers are investigating exploitation of a remote code execution vulnerability (CVE-2025-59287) in Microsoft’s Windows Server Update...
Chrome Zero-Day Exploited to Deliver Italian Memento Labs’ LeetAgent Spyware
The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related tool from...
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
Oct 07, 2025Ravie LakshmananCyber Attack / Ransomware CrowdStrike on Monday said it's attributing the exploitation of a recently disclosed security...
Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials
Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called...
Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation
Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation Pierluigi Paganini September 05, 2025 Experts warn of an actively exploited vulnerability,...
Russian Cybercriminals Utilize CVE-2025-26633 through MSC EvilTwin for Distributing SilentPrism and DarkWisp
Those responsible for exploiting a newly-fixed security flaw in Microsoft Windows are now circulating two fresh covert means of access...
Above 400 IP Addresses Utilizing Various SSRF Weaknesses in Organized Cyber Assault
A cybersecurity organization called GreyNoise is cautioning about a "coordinated increase" in the abuse of Server-Side Request Forgery (SSRF) vulnerabilities...
IT Supply Chains Used by Silk Typhoon for Cyber Attacks on Corporate Networks
The cyber attack group with ties to China, previously responsible for exploiting vulnerabilities in Microsoft Exchange servers earlier this year,...
PostgreSQL Weakness Utilized Alongside BeyondTrust Zero-Day in Focused Offensives
Assailants responsible for leveraging a zero-day weakness in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) solutions in December...
Over 15,000 Four-Faith Routers Vulnerable to Fresh Vulnerability Because of Standard Credentials
Reports from VulnCheck reveal that numerous Four-Faith routers are at risk due to default credentials, with over 15,000 devices currently...
Cisco Alerts Users About Exploitation of Antique ASA WebVPN Flaw
On Monday, Cisco revised a notification to alert clients about ongoing exploitation of a ten-year-old vulnerability affecting its Adaptive Security...
Romantic Comedy Utilizes Zero-Day Vulnerabilities in Firefox and Windows to Carry Out Advanced Cyberassaults
The hacker group associated with Russia dubbed RomCom has been connected to the exploitation of two previously unknown security vulnerabilities....
