Windows PowerShell now warns when running Invoke-WebRequest scripts
Microsoft says Windows PowerShell now warns when running scripts that use the…
Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability
Dec 05, 2025Ravie LakshmananVulnerability / Software Security Two hacking groups with ties…
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation
Dec 06, 2025Ravie LakshmananVulnerability / Patch Management The U.S. Cybersecurity and Infrastructure…
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
Dec 06, 2025Ravie LakshmananAI Security / Vulnerability Over 30 security vulnerabilities have…
Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch
Dec 05, 2025Ravie LakshmananApplication Security / Vulnerability A critical security flaw has…
React2Shell critical flaw actively exploited in China-linked attacks
Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React…
Hackers are exploiting ArrayOS AG VPN flaw to plant webshells
Threat actors have been exploiting a command injection vulnerability in Array AG…
Critical React, Next.js flaw lets hackers execute code on servers
A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows…
Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution
Dec 03, 2025Ravie LakshmananVulnerability / Cloud Security A maximum-severity security flaw has…