A maximum severity vulnerability, dubbed ‘React2Shell’, in the React Server Components (RSC) ‘Flight’ protocol allows remote code execution without authentication in React and Next.js applications. […]
Inotiv Says Personal Information Stolen in Ransomware Attack
Hackers stole the names, addresses, Social Security numbers, and financial and medical information of 9,542 people.
The post Inotiv Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.
Reporters Without Borders Targeted by Russian Hackers
The state-sponsored hackers relied on phishing emails to deliver a malicious payload to Reporters Without Borders (RSF).
The post Reporters Without Borders Targeted by Russian Hackers appeared first on SecurityWeek.
Microsoft 365 license check bug blocks desktop app downloads
Microsoft is investigating and working to resolve a known issue that prevents customers from downloading Microsoft 365 desktop apps from the Microsoft 365 homepage. […]
Global Cyber Agencies Issue AI Security Guidance for Critical Infrastructure OT
The 25-page document outlines four principles for securely integrating AI with operational technology.
The post Global Cyber Agencies Issue AI Security Guidance for Critical Infrastructure OT appeared first on SecurityWeek.
CISA Launches New Platform to Strengthen Industry Engagement and Collaboration
CISA, NSA and Cyber Centre Warn Critical Infrastructure of BRICKSTORM Malware Used by People’s Republic of China State-Sponsored Actors
Personal Information Compromised in Freedom Mobile Data Breach
Freedom Mobile says hackers stole customers’ personal information from its account management platform.
The post Personal Information Compromised in Freedom Mobile Data Breach appeared first on SecurityWeek.
ThreatsDay Bulletin: Wi-Fi Hack, npm Worm, DeFi Theft, Phishing Blasts— and 15 More Stories
Think your Wi-Fi is safe? Your coding tools? Or even your favorite financial apps? This week proves again how hackers, companies, and governments are all locked in a nonstop race to outsmart each other.
Here’s a quick rundown of the latest cyber stories that show how fast the game keeps changing.
Here’s a quick rundown of the latest cyber stories that show how fast the game keeps changing.
DeFi exploit drains funds
Critical yETH Exploit Used to Steal $9M
5 Threats That Reshaped Web Security This Year [2025]
As 2025 draws to a close, security professionals face a sobering realization: the traditional playbook for web security has become dangerously obsolete. AI-powered attacks, evolving injection techniques, and supply chain compromises affecting hundreds of thousands of websites forced a fundamental rethink of defensive strategies.
Here are the five threats that reshaped web security this year, and
Here are the five threats that reshaped web security this year, and