The Hacker News

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...

VSCode IDE forks expose users to "recommended extension" attacks

Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, ...

Trust Wallet links $8.5 million crypto theft to Shai-Hulud NPM attack

Trust Wallet believes the compromise of its web browser to steal roughly $8.5 million from over 2,500 crypto wallets is ...
SecurityWeek

Adobe ColdFusion Servers Targeted in Coordinated Campaign

GreyNoise says a recently observed Adobe ColdFusion exploitation campaign is linked to a massive initial access broker operation.

Thousands of servers exposed as MongoBleed vulnerability exploited

In its writeup, BleepingComputer confirms that there are roughly 87,000 potentially vulnerable instances exposed on the ...