The flaw is tracked as CVE-2025-54957 and its existence came to light in October 2025 after it was discovered by Google ...
The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
The National Computer Emergency Response Team (PKCERT) issued 53 cybersecurity advisories in 2025, warning users and ...
Recent attacks are targeting Next.js servers and pose a significant threat of cryptomining and other malicious activity to ...
Predator has remained available through the Intellexa spyware consortium despite US sanctions imposed in 2024 on ...
December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...
The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload ...
Every day has the potential to be a bad day for a CSO. However, the second Tuesday of each month – Patch Tuesday – is almost ...
The final weeks of 2025 did not arrive quietly. A single software flaw rippled across the internet, healthcare providers disclosed deeply personal data exposures, and millions of everyday devices ...
Infosecurity has selected five of the most significant vulnerability exploitation campaigns of 2025 that led to major ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback