React2Shell Wave Drops Miners and Novel Linux Malware

React2Shell Wave Drops Miners and Novel Linux Malware

December 11, 2025 at 12:00 AM
Threat actors are aggressively exploiting React2Shell, a maximum-severity flaw in React Server Components (CVE-2025-55182), to deliver cryptominers and several newly observed malware families across …
Read more
NANOREMOTE Backdoor Hides C2 in Google Drive Traffic

NANOREMOTE Backdoor Hides C2 in Google Drive Traffic

December 11, 2025 at 12:00 AM
Elastic Security Labs has profiled NANOREMOTE, a fully featured Windows backdoor that covertly uses the Google Drive API for command-and-control. The approach enables stealthy data theft and payload …
Read more
Schrodinger’s Cat and the Quantum Breach Reality

Schrodinger’s Cat and the Quantum Breach Reality

December 11, 2025 at 12:00 AM
If you don’t look inside your environment, you can’t know its true state—and attackers count on that. Think of your business like Schrodinger’s famous cat: both breached and not breached until you …
Read more
Chrome hit by in-the-wild ANGLE zero-day; update now

Chrome hit by in-the-wild ANGLE zero-day; update now

December 11, 2025 at 12:00 AM
Google has released emergency Chrome patches for three security issues, including a high-severity vulnerability already exploited in the wild. Initially kept under wraps, the flaw is now tracked as …
Read more
Gladinet static keys abused for file access and RCE

Gladinet static keys abused for file access and RCE

December 11, 2025 at 12:00 AM
Hackers are actively exploiting a hard-coded AES key flaw in Gladinet CentreStack and Triofox to forge access tickets, read web.config, and pivot to ViewState deserialization for remote code …
Read more
Stop Cloud Breaches: AWS, AI, and Kubernetes Attack Paths

Stop Cloud Breaches: AWS, AI, and Kubernetes Attack Paths

December 10, 2025 at 12:00 AM
Cloud attackers aren’t just forcing entry anymore—they’re slipping through misconfigurations, identity gaps, and code paths that look like normal activity. Traditional tools often miss these signals. …
Read more
WinRAR CVE-2025-6218 Under Active Attack: Patch Now

WinRAR CVE-2025-6218 Under Active Attack: Patch Now

December 10, 2025 at 12:00 AM
CISA has added WinRAR vulnerability CVE-2025-6218 (CVSS 7.8) to its Known Exploited Vulnerabilities catalog, confirming active exploitation by multiple threat groups. The flaw is a path traversal …
Read more
PCIe IDE Flaws Threaten Data Integrity in PCIe 5.0+

PCIe IDE Flaws Threaten Data Integrity in PCIe 5.0+

December 10, 2025 at 12:00 AM
Three newly disclosed vulnerabilities in the PCIe Integrity and Data Encryption (IDE) protocol could let a local attacker cause devices to process stale or incorrect data. The issues affect PCIe Base …
Read more
Make Sense of Security Tests: From MITRE to MQs

Make Sense of Security Tests: From MITRE to MQs

December 10, 2025 at 12:00 AM
Security reports may have long names, but they are powerful lenses for evaluating endpoint security. Use them together to build a balanced view of protection, detection, and response so you can …
Read more
Microsoft Patches 56 Bugs, 1 Exploited and 2 Zero-Days

Microsoft Patches 56 Bugs, 1 Exploited and 2 Zero-Days

December 10, 2025 at 12:00 AM
Microsoft closed 2025 with a December Patch Tuesday that fixes 56 vulnerabilities across Windows and related products, including one actively exploited flaw and two zero-days. Three issues are rated …
Read more

Next page
Privacy Policy

We use cookies!

We use cookies to ensure the proper functioning of our website, to provide you with a convenient browsing experience, and to improve its features, performance, and user experience through analytics.

Privacy Policy
Cookie settings

Use of Cookies

We use cookies to ensure the basic functionality of our website and analytical cookies to collect data for creating statistics aimed at improving the quality of our website. Below, you can customize each group and later change these settings at any time. For more details about cookies, please visit our page Privacy Policy.

Functional and Technical Cookies
These cookies are essential for the proper functioning of the website and cannot be disabled. They allow you to use the basic features of the site during your visit.
Analytical Cookies
These cookies help us understand website traffic so we know which pages are most popular and how visitors navigate our site. Analytical cookies do not collect personal data that would directly identify the user.
Marketing Cookies
These cookies are used to tailor ads and marketing content to your interests. They allow us and our partners to track your behavior on the website and create a profile so we can display relevant content. They are activated only after your consent.
Privacy Policy