RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
The Hacker News

ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

The first ThreatsDay Bulletin of 2026 tracks GhostAd adware, macOS malware, proxy botnets, cloud exploits, and more emerging ...

The biggest cybersecurity and cyberattack stories of 2025

Some stories, though, were more impactful or popular with our readers than others. This article explores 15 of the biggest ...
Dark Reading

Sunken Ships: Will Orgs Learn From Ivanti EPMM Attacks?

The zero-day exploitations of Ivanti's MDM platform meant unprecedented pwning of 1000s of orgs by a Chinese APT — and ...