Aggregator

Max-severity vulnerability in React, Node.js patched, update ASAP (CVE-2025-55182)

Help Net Security
1 day 14 hours ago

A critical vulnerability (CVE-2025-55182) in React Server Components (RSC) may allow unauthenticated attackers to achieve remote code exection on the application server, the React development team warned on Wednesday. The maximum-severity vulnerability was privately reported by Lachlan Davidson and has been fixed. At this moment, there are no public reports of it being exploited by attackers and no confirmed public PoC exploits (for now). Nevertheless, affected users have been advised to upgrade to a non-vulnerable … More →

The post Max-severity vulnerability in React, Node.js patched, update ASAP (CVE-2025-55182) appeared first on Help Net Security.

Zeljka Zorz

Lynx

Dark Feed IO
1 day 14 hours ago

You must login to view this content

cohenido

ThreatsDay Bulletin: Wi-Fi Hack, npm Worm, DeFi Theft, Phishing Blasts— and 15 More Stories

The Hackers News
1 day 14 hours ago
Think your Wi-Fi is safe? Your coding tools? Or even your favorite financial apps? This week proves again how hackers, companies, and governments are all locked in a nonstop race to outsmart each other. Here’s a quick rundown of the latest cyber stories that show how fast the game keeps changing. DeFi exploit drains funds Critical yETH Exploit Used to Steal $9M
The Hacker News

Smile, You’re on Camera: A Live Stream from Inside Lazarus Group’s IT Workers Scheme 

Anyrun
1 day 14 hours ago

Editor’s note: This work is a collaboration between Mauro Eldritch from BCA LTD, a company dedicated to threat intelligence and hunting, Heiner García from NorthScan, a threat intelligence initiative uncovering North Korean IT worker infiltration, and ANY.RUN, the leading company in malware analysis and threat intelligence. The article was written by Mauro and Heiner. In this article, we’ll uncover an entire North Korean infiltration operation aimed […]

The post Smile, You’re on Camera: A Live Stream from Inside Lazarus Group’s IT Workers Scheme  appeared first on ANY.RUN's Cybersecurity Blog.

Mauro Eldritch and Heiner García Pérez

5 Threats That Reshaped Web Security This Year [2025]

The Hackers News
1 day 15 hours ago
As 2025 draws to a close, security professionals face a sobering realization: the traditional playbook for web security has become dangerously obsolete. AI-powered attacks, evolving injection techniques, and supply chain compromises affecting hundreds of thousands of websites forced a fundamental rethink of defensive strategies. Here are the five threats that reshaped web security this year, and
The Hacker News

Defensie wil bedrijven als bondgenoot voor afschrikking

Defensie.nl - Nieuwsberichten
1 day 15 hours ago
Nederland moet zich verdedigen tegen hybride dreigingen met (IT-)bedrijven als bondgenoot. Denk aan het aantal cyberaanvallen op organisaties het afgelopen jaar in Nederland. Deze zijn weer gestegen ten opzichte van voorgaande jaren. Dat zei staatssecretaris Gijs Tuinman eergisteren tijdens de IT-Leveranciersdag van het Joint Informatie Voorziening Commando in Barneveld.

Managed ad