Web Security

React2Shell Exploitation Escalates into Large Scale Global Attacks, Triggering Emergency Mitigation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive to federal agencies, calling for immediate patching of a critical React vulnerability amid escalating global exploitation. Agencies have now been instructed to apply fixes by December 12, 2025, underscoring the growing severity of the threat. The flaw, tracked as CVE-2025-55182 with a […]

NANOREMOTE Malware Abuses Google Drive API for Stealthy Control of Windows Systems

Cybersecurity researchers have revealed a sophisticated Windows backdoor called NANOREMOTE that leverages the Google Drive API for command-and-control (C2) operations. Elastic Security Labs reported that the malware shows code similarities with FINALDRAFT (aka Squidoor), another implant using Microsoft Graph API for C2, attributed to the suspected Chinese threat cluster REF7707 (also known as CL-STA-0049, Earth

Unpatched Gogs Zero Day Actively Exploited Across More Than 700 Instances

A newly discovered and unpatched security vulnerability in Gogs is being actively exploited in the wild, with more than 700 compromised instances currently accessible over the internet. The findings were disclosed by Wiz following an investigation into a real-world malware incident. The vulnerability, tracked as CVE-2025-8110 with a CVSS score of 8.7, affects the

React2Shell Exploitation Spreads Crypto Miners and New Malware Across Multiple Sectors

Security researchers are reporting sustained and widespread abuse of the React2Shell vulnerability, with attackers exploiting a maximum severity flaw in React Server Components to deploy cryptocurrency miners and several previously undocumented malware strains. According to new findings released by Huntress, threat actors are actively leveraging CVE-2025-55182, a critical unauthenticated remote code execution vulnerability in React

.NET SOAPwn Flaw Enables File Writes and Remote Code Execution Through Rogue WSDL

Cybersecurity researchers have revealed a serious exploitation technique affecting enterprise applications built on the .NET ecosystem, enabling attackers to perform arbitrary file writes and potentially achieve remote code execution. The research was conducted by WatchTowr Labs, which internally named the issue SOAPwn. According to the researchers, the flaw stems from how certain .NET components process

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deliver NetSupport RAT

A newly identified cyber campaign called JS#SMUGGLER is gaining attention after researchers observed attackers using compromised websites to distribute NetSupport RAT, a remote access tool capable of giving full control over victim devices. Security analysts from Securonix reported that the operation relies on several coordinated components including an obfuscated JavaScript loader, an HTML Application (HTA)

Sneeit WordPress RCE Exploited in the Wild, and ICTBroadcast Bug Powering Frost Botnet Attacks

A severe security weakness found in the Sneeit Framework plugin for WordPress is currently being abused across live sites, based on information shared by Wordfence. The flaw, tracked as CVE-2025-6389 with a CVSS rating of 9.8, affects every version up to 8.3. Developers fixed the issue in version 8.4 released on August 5, 2025. The

Critical React2Shell Flaw Added to CISA KEV After Active Exploitation Confirmed

The United States Cybersecurity and Infrastructure Security Agency (CISA) has officially added a severe security flaw in React Server Components to its Known Exploited Vulnerabilities (KEV) catalog following confirmed exploitation attempts in live environments.

React2Shell Classified as a Maximum Severity Threat

The vulnerability is tracked as CVE-2025-55182 with a CVSS score of 10.0. It involves a remote

Chinese Hackers Begin Exploiting the Newly Revealed React2Shell Vulnerability

Two China-linked hacking groups have started weaponizing the newly revealed React Server Components vulnerability within hours of its public disclosure. The security flaw, tracked as CVE-2025-55182 with a maximum CVSS score of 10.0, allows unauthenticated remote code execution and has been patched in React versions 19.0.1, 19.1.2, and 19.2.1.

AWS Detects Rapid Exploitation Attempts

Critical RSC Bugs in React and Next.js Enable Unauthenticated Remote Code Execution

A newly disclosed maximum-severity vulnerability in React Server Components has raised significant alarm across the web development ecosystem. The flaw, assigned CVE-2025-55182 and nicknamed React2Shell, allows attackers to execute code remotely without authentication simply by sending a specially crafted request to a Server Function endpoint.

Nature of the Vulnerability

The React Team stated that
