SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...
The Hacker News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...
HHS

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: ...
SDxCentral

Ransomware Gangs Exploit VMware Log4Shell Vulnerability

“Our investigation shows that successful intrusions in these campaigns led to the deployment of the Night Sky ransomware,” Microsoft noted. Identified earlier this month by Twitter group ...
Bleeping Computer

Exploit released for Palo Alto PAN-OS bug used in attacks, patch now

Update 4/16/24: Updated story with more information on how previous mitigations do not protect devices. Exploit code is now available for a maximum severity and actively exploited vulnerability in ...

AI Just Hacked One Of The World's Most Secure Operating Systems

An AI agent just autonomously exploited a FreeBSD kernel vulnerability in four hours, signaling a fundamental shift in the ...
CSOonline

Public exploits already available for a severity 10 Erlang SSH vulnerability; patch now

Impacted devices are pervasive in IoT and telecom, and attackers exploiting the vulnerability can easily gain full access, giving them free rein on a network. Experts are urging enterprises to ...
Hosted on MSN

Patch or perish: Vulnerability exploits now dominate intrusions

What good is a fix if you don't use it? Experts are urging security teams to patch promptly as vulnerability exploits now account for the majority of intrusions, according to the latest figures.… ...