React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable

Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already ...

New wave of VPN login attempts targets Palo Alto GlobalProtect portals

A campaign has been observed targeting Palo Alto GlobalProtect portals with login attempts and launching scanning activity against SonicWall SonicOS API endpoints.

FBI warns of virtual kidnapping scams using altered social media photos

The FBI warns that criminals are altering images shared on social media and using them as fake proof of life photos in ...

Barts Health NHS discloses data breach after Oracle zero-day hack

Barts Health NHS Trust has announced that Clop ransomware actors have stolen files from a database by exploiting a ...

CISA warns of Chinese "BrickStorm" malware attacks on VMware servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned network defenders of Chinese hackers backdooring ...

Critical React2Shell flaw actively exploited in China-linked attacks

Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and ...

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote ...

Hackers are exploiting ArrayOS AG VPN flaw to plant webshells

Threat actors have been exploiting a command injection vulnerability in Array AG Series VPN devices to plant webshells and ...

Cloudflare down, websites offline with 500 Internal Server Error

Cloudflare is down, as websites are crashing with a 500 Internal Server Error. Cloudflare is investigating the reports.

EU fines X $140 million over deceptive blue checkmarks

The European Commission has fined X €120 million ($140 million) for violating transparency obligations under the Digital ...

Pharma firm Inotiv discloses data breach after ransomware attack

American pharmaceutical firm Inotiv is notifying thousands of people that they're personal information was stolen in an ...

Microsoft 365 license check bug blocks desktop app downloads

Microsoft is investigating and working to resolve a known issue that prevents customers from downloading Microsoft 365 ...