RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
The Hacker News

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

This SmarterMail vulnerability allows remote code execution - here's what we know

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...
Infosecurity Magazine

Five Key Flaws Exploited in 2025's Major Software Supply Chain Incidents

Infosecurity has selected five of the most significant vulnerability exploitation campaigns of 2025 that led to major ...

8.8 Million Google Chrome, Microsoft Edge, and Opera Users Compromised

A newly uncovered Chinese threat group known as DarkSpectre has been linked to one of the most widespread browser extension ...
CSO Online

Patch Tuesday 2025 roundup: The biggest Microsoft vulnerabilities of the year

Every day has the potential to be a bad day for a CSO. However, the second Tuesday of each month – Patch Tuesday – is almost ...
CSO Online

Top 5 real-world AI security threats revealed in 2025

Security researchers uncovered a range of cyber issues targeting AI systems that users and developers should be aware of — ...

Five years of Techade: AI lifts productivity, caps headcount, reshapes IT cost structures

The revenue mix from AI, cloud, and advanced digital services has risen sharply, from about 25% five years ago to nearly 60% ...
Information Age

Tech predictions for 2026 – AI, cybersecurity, data and more

As we head into the New Year, experts across the tech landscape weigh in to share what they think will happen in 2026 ...

New GlassWorm malware wave targets Macs with trojanized crypto wallets

A fourth wave of the "GlassWorm" campaign is targeting macOS developers with malicious VSCode/OpenVSX extensions that deliver ...
Tax Guru

Technical & Operational Impediments in Implementation of Section 139(8A)

Explore the legal and technical hurdles in filing Updated Returns under Section 139(8A), including Excel utility dependencies and procedural ...