React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable

Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already ...
Business Times

Microsoft Quietly Fixes Windows LNK Zero-Day After Years of Global Exploitation by State ...

Microsoft quietly issued a fix for a long-exploited Windows zero-day vulnerability in its November security updates, closing ...

Microsoft Silently Fixes 8-Year Windows Security Flaw

The flaw, tracked as CVE-2025-9491, allowed cybercriminals to hide malicious commands from users inspecting files through Windows' standard interface.
The Hacker News

ThreatsDay Bulletin: Wi-Fi Hack, npm Worm, DeFi Theft, Phishing Blasts— and 15 More Stories

Think your Wi-Fi is safe? Your coding tools? Or even your favorite financial apps? This week proves again how hackers, ...

Russian speaking hacking group now shifting focus to government targets

Tomiris, a Russian-speaking APT hacking group, has narrowed down its attack focus to target government ministries, intergovernmental organizations, and politically significant institutions.