React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerability by December 12, 2025, amid reports of widespread exploitation.
The critical vulnerability, tracked as CVE-2025-55182 (CVSS score: 10.0), affects the React Server Components (RSC) Flight protocol. The underlying cause of the issue is an unsafe deserialization

The Hacker News

$320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits

Participants earned rewards at the hacking competition for Grafana, Linux Kernel, Redis, MariaDB, and PostgreSQL vulnerabilities.

SecurityWeek

Hamas-Linked Hackers Probe Middle Eastern Diplomats

Hamas’s best hackers have been maturing, building better malware, and spreading their attacks more widely across the region.

darkreading

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting OSGeo GeoServer to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild.
The vulnerability in question is CVE-2025-58360 (CVSS score: 8.2), an unauthenticated XML External Entity (XXE) flaw that affects all versions prior to

The Hacker News

Trump Signs Executive Order to Block State AI Regulations

Members of Congress from both parties have pushed for more regulations on AI, saying there is not enough oversight for the powerful technology.

SecurityWeek

8 HDMI tricks I use to get the best performance from my TV – and most are free

Think your TV setup is fine? These HDMI tricks can unlock performance and sound you didn’t know you were missing.

Latest news

This company’s AI success was built on 5 essential steps – see how they work for you

From data foundations to storytelling techniques, here’s how to turn your AI projects into valuable production services.

Latest news

Warnings Mount in Congress Over Expanded US Wiretap Powers

Experts tell US lawmakers that a crucial spy program’s safeguards are failing, allowing intel agencies deeper, unconstrained access to Americans’ data.

Security Latest

Attackers Exploited Gogs Zero-Day Flaw for Months

Wiz disclosed a still-unpatched vulnerability in self-hosted Git service Gogs, which is a bypass for a previous RCE bug disclosed last year.

darkreading

Coworker or friend? How your chatbot’s role is shaped by device and time

From work-related conversations on our desktops by day to personal advice on our phones after hours, AI now integrates ‘into the full texture of human life,’ a Microsoft study finds.

Latest news