December 2025 was a brutal reality check for security teams. While most were winding down for the holidays, threat actors weaponized a tectonic shift in the landscape, headlined by the... The post Top ...

Some stories, though, were more impactful or popular with our readers than others. This article explores 15 of the biggest ...

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

There was an error while loading. Please reload this page. This epxloit relies on a buffer overflow vulnerability when receiving voice chat data from other people in ...

Vulnerability Detection Authors, Creators & Presenters: Hengkai Ye (The Pennsylvania State University), Hong Hu (The Pennsylvania State University) PAPER Too Subtle to Notice: Investigating Executable ...

A torrent of proof-of-concept (PoC) exploits for React2Shell has hit the internet following the vulnerability's disclosure last week, and while security researchers say most are fake, ineffective and ...

Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild. The vulnerability, rated high ...

“It’s mine! I saw it first!” That’s what you might expect to hear from a child who’s found money or a toy, and it’s how cybercriminals respond to finding zero-day vulnerabilities, or holes in networks ...

There are errors (bugs) and security vulnerabilities in the code of almost all software. The more extensive the code, the more there are. Many of these security flaws are discovered over time by users ...

Security researchers at Sysdig have observed new campaigns exploiting React2Shell which appear to have the hallmarks of North Korean hackers. React2Shell is a remote code execution vulnerability in ...

Threat actors with ties to North Korea have likely become the latest to exploit the recently disclosed critical React2Shell security flaw in React Server Components (RSC) to deliver a previously ...

An increasing number of threat actors have been attempting to exploit the React vulnerability CVE-2025-55182 in their attacks. An increasing number of threat actors have been attempting to exploit the ...