Security Boulevard

Exploitation Efforts Against Critical React2Shell Flaw Accelerate

The exploitation efforts by China-nexus groups and other bad actors against the critical and easily abused React2Shell flaw in the popular React and Next.js software accelerated over the weekend, with ...
Infosecurity Magazine

React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean ...

React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable

Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already ...
The Hacker News

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting ...
Cybernews

Despite Microsoft’s secret patch, LNK loophole remains viable for hackers to deliver malware

Microsoft has released a patch for link (LNK) files. However, it does not stop hackers from abusing them to deliver malware.
The Register-Herald

NY attorney general challenges authority of acting US attorney investigating her Trump lawsuits

New York Attorney General Letitia James is challenging the authority of an acting U.S. attorney in Albany who is ...