Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

Recent attacks are targeting Next.js servers and pose a significant threat of cryptomining and other malicious activity to ...

In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.

The vulnerability, tracked as CVE-2025-68664 and dubbed “LangGrinch,” has a Common Vulnerability Scoring System score of 9.3.

The zero-day exploitations of Ivanti's MDM platform meant unprecedented pwning of 1000s of orgs by a Chinese APT — and ...

Infosecurity has selected five of the most significant vulnerability exploitation campaigns of 2025 that led to major ...

Predator has remained available through the Intellexa spyware consortium despite US sanctions imposed in 2024 on ...

A cybersecurity researcher at Thales has demonstrated that a single e-book, imported outside official channels, can be enough to exploit a vulnerability that could give hackers full control of the ...