GovInfoSecurity

RondoDox Botnet Exploiting Devices With React2Shell Flaw

Security firm CloudSEK has uncovered a botnet campaign that is exploiting the React2Shell vulnerability in the Meta-developed ...
Security Boulevard

Top CVEs of December 2025

December 2025 was a brutal reality check for security teams. While most were winding down for the holidays, threat actors weaponized a tectonic shift in the landscape, headlined by the... The post Top ...
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...
eWeek

LangChain AI Vulnerability Exposes Millions of Apps

A critical LangChain AI vulnerability exposes millions of apps to theft and code injection, prompting urgent patching and ...
Dark Reading

5 Threats That Defined Security in 2025

2025 included a number of monumental threats, from global nation-state attacks to a critical vulnerability under widespread ...
Cybernews

Wavlink routers and other IoT devices hit by React2Shell attacks

RondoDox botnet exploited React2Shell to compromise IoT devices and Next.js servers over a nine-month global campaign.
National Law Review

Here Are the Five Top Security Threats from 2025

Threat actors had another banner year in 2025. As we head into 2026, looking back on the five top security threats of 2025 ...