React2Shell flaw exploited to deploy KSwapDoor and ZnDoor backdoors
Attackers are abusing the flaw to achieve remote code execution in applications using React Server Components.
Cybersecurity News - Page 36
Critical FortiGate flaws come under active exploitation
Arctic Wolf said it observed active intrusions involving malicious single sign-on (SSO) logins on December 12.
Years-long Russian cyberespionage campaign targets Western critical infrastructure
The activity has been observed between 2021 and 2025 and has been attributed “with high confidence” to Russia’s GRU.
Phishing campaign targets Russian organizations with Phantom Stealer
Phantom Stealer is capable of harvesting sensitive data from cryptocurrency wallets, browsers, and desktop apps.
At least five Chinese APTs exploiting React2Shell flaw for initial access
GTIG also observed multiple incidents, in which threat actors exploited CVE-2025-55182 to deploy XMRig.
Flawed ransomware from pro-Russia hacktivists lets victims decrypt files for free
VolkLocker’s encryptor relies on a hardcoded master key embedded directly in the malware binary.
Apple fixes two flaws actively exploited in the wild
One of the flaws is the same issue Google addressed last week in its Chrome browser.
Cyber Security Week in Review: December 12, 2025
In brief: Hackers are increasingly exploit the React2Shell flaw, Google, Microsoft and others patch zero-days in their products, and more.
Google addresses eighth Chrome zero-day of the year
Google withheld technical details, including the CVE identifier, saying coordination is still underway.
Hacker linked to Russian-backed CARR and Noname(16) groups charged in the US
Victoria Dubranova, aka “Vika,” “Tory,” and “SovaSonya,” was extradited to the United States earlier this year.
Showing elements 351 - 360