Worm-driven TeamPCP campaign exploits Docker, Kubernetes, Redis, Ray, and React2Shell to build proxy infrastructure for data theft and ransomware.

We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain compromise; here is how to patch, hunt, and mitigate now.

Cybercriminals have found a lucrative niche in the shadow economy by trading stolen air miles for as little as 56p. A new investigation by NordVPN and travel eSIM provider Saily has exposed a massive ...

Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things (IoT) devices and web applications to enroll them into a botnet known as ...

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First documented by Fortinet in July ...

The malicious Trust Wallet extension has also been exporting users’ personal information, pointing to potential insider activity, according to cybersecurity company SlowMist. Trust Wallet users lost ...

Following last Sunday’s terrorist attack at a Jewish festival at Bondi Beach in Sydney, Australian federal and state Labor governments are rushing to meet demands by Israeli Prime Minister Benjamin ...

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: ...

A newly discovered security flaw in the React ecosystem — one of the most widely used technologies on the web — is prompting urgent warnings across the tech industry. The bug — dubbed “React2Shell” — ...

Weeks after suffering a major exploit that drained over $110 million from its Balancer v2 vaults, Balancer DAO has begun discussing a plan to distribute roughly $8 million in recovered assets to ...