More results...
The UK’s National Cyber Security Centre (NCSC) has introduced a new initiative designed to protect organisations from cyber threats. Working alongside Netcraft, the NCSC has launched the Proactive Notification Service, a groundbreaking program th…
A newly disclosed security flaw in the open-source monitoring platform Cacti could allow attackers to execute arbitrary commands on vulnerable servers. The issue, rated High severity and tracked as CVE-2025-66399, affects Cacti vers…
AWS has seen multiple China-linked threat groups attempting to exploit the React vulnerability CVE-2025-55182.
The post Chinese Hackers Exploiting React2Shell Vulnerability appeared first on SecurityWeek.
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), joined by Canadian cyber authorities, have issued a joint alert warning of a sophisticated new malware campaign dubbed “BRICKSTORM.” Accordi…
Cloudflare’s Q3 2025 DDoS Threat Report reveals the Aisuru botnet launched a record 29.7 Tbps attack. Learn which sectors were the most targeted, and the key drivers behind the surge in attacks.
Cybersecurity startup AISLE discovered a Medium severity flaw in the WebXR component of Chrome, Edge, and other Chromium browsers. Over 4 billion devices were at risk. Update now.
A critical vulnerability (CVE-2025-55182) in React Server Components (RSC) may allow unauthenticated attackers to achieve remote code exection on the application server, the React development team warned on Wednesday. The maximum-severity vulnerability…
A high security vulnerability has been discovered in Vim for Windows that could allow attackers to run malicious code on affected systems. The flaw, tracked as CVE-2025-66476, affects Vim versions earlier than 9.1.1947 and received a high severity rati…
A researcher has pointed out that only instances using a newer feature are impacted by CVE-2025-55182.
The post React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability appeared first on SecurityWeek.
Akamai has fixed a vulnerability in its edge servers that could have allowed HTTP Request Smuggling attacks. The issue was entirely resolved on November 17, 2025, and the company says no action is needed from customers. The flaw is now tracked as CVE-2…