At least five Chinese APTs exploiting React2Shell flaw for initial access
GTIG also observed multiple incidents, in which threat actors exploited CVE-2025-55182 to deploy XMRig.
Cybersecurity News - Page 24
Flawed ransomware from pro-Russia hacktivists lets victims decrypt files for free
VolkLocker’s encryptor relies on a hardcoded master key embedded directly in the malware binary.
Apple fixes two flaws actively exploited in the wild
One of the flaws is the same issue Google addressed last week in its Chrome browser.
Cyber Security Week in Review: December 12, 2025
In brief: Hackers are increasingly exploit the React2Shell flaw, Google, Microsoft and others patch zero-days in their products, and more.
Google addresses eighth Chrome zero-day of the year
Google withheld technical details, including the CVE identifier, saying coordination is still underway.
Hacker linked to Russian-backed CARR and Noname(16) groups charged in the US
Victoria Dubranova, aka “Vika,” “Tory,” and “SovaSonya,” was extradited to the United States earlier this year.
North Korean hackers deploy new EtherRAT malware in React2Shell attacks
The implant comes with sophisticated mix of features, including blockchain-based C2, multi-layered persistence, and a full Node.js runtime for evasion.
Fortinet, Ivanti patch critical authentication and code-execution flaws
Organizations are recommended to apply fixes as soon as possible.
Microsoft fixes over 50 flaws, including actively exploited zero-day
Microsoft has not disclosed details about how the flaw was used in the wild.
New JS#SMUGGLER campaign uses breached websites to deploy NetSupport RAT
The RAT grants attackers extensive access to infected systems.
Showing elements 231 - 240