RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

The biggest cybersecurity and cyberattack stories of 2025

Some stories, though, were more impactful or popular with our readers than others. This article explores 15 of the biggest ...

Researchers identify new ToneShell backdoor targeting government agencies

To defend against the new attacks, the researchers advise memory forensics as the number one way of spotting ToneShell ...

School without schools: The Pa. kids who attend cyber school in a building

Enrollment in Pa.’s largest cyber school is booming despite a growing consensus that students learn best in-person. Some are ...

Revealed: England's best tiny museums

Discover England’s most charming tiny museums, from quirky village collections to creative micro-galleries, all perfect for a ...
CRN

The 10 Biggest AI News Stories Of 2025

The AI industry in 2025 saw big-money acquisitions, advancements in virtual assistants and agent orchestration and new ...

They Say They’re Protesters. The DOJ Says They’re Terrorists.

The federal government rounded up 18 activists tied to an anti-ICE protest in Texas, claiming they were part of an antifa ...
The Hacker News

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...
The Hacker News

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

Transparent Tribe (APT36) is linked to new cyber-espionage attacks using malicious LNK files, adaptive RATs, and long-term ...
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...