React2Shell flaw (CVE-2025-55182) exploited for remote code execution
The availability of exploit code will likely lead to more widespread opportunistic attacks
Similar Posts
Clop extortion emails claim theft of Oracle E-Business Suite data
Bys sLawrence Abrams reports: Mandiant and Google are tracking a new extortion campaign where executives at multiple companies received emails claiming that sensitive data was stolen from their Oracle E-Business Suite systems. According to Genevieve Stark, Head of Cybercrime and Information Operations Intelligence Analysis at GTIG, the campaign began in late September. “This activity began on……
Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack
Bys sThreat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki, according to alerts issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and VulnCheck. The vulnerabilities are listed below – CVE-2025-6204 (CVSS score: 8.0) – A code injection vulnerability in Dassault Systèmes DELMIA Apriso that could allow an attacker…
WA: Cyber-attacks problem for small hospitals
Bys sWe often hear about the challenges rural hospitals face in preventing and responding to cyberattacks. Here’s an article that provides some numbers for context. Don Gronning reports: Small hospitals have been a target of cyber criminals, hospital district CEO Kim Manus told Pend Oreille Hospital District No. 1 commissioners at their regular meeting Thursday, July…
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation
Cybersecurity researchers have uncovered three security weaknesses in Microsoft’s Azure Data Factory Apache Airflow integration that, if successfully exploited, could have allowed an attacker to gain the ability to conduct various covert actions, including data exfiltration and malware deployment. “Exploiting these flaws could allow attackers to gain persistent access as shadow administrators
Millions of Internet Hosts Vulnerable to Attacks Due to Tunneling Protocol Flaws
Bys sNew research shows that over 4 million systems on the internet, including VPN servers and home routers, are vulnerable to attacks due to tunneling protocol flaws. The post Millions of Internet Hosts Vulnerable to Attacks Due to Tunneling Protocol Flaws appeared first on SecurityWeek.
Data Leak? Crypto.com Fires Back At ‘Unfounded’ Allegations
Bys sChristian Encila reports: According to Bloomberg and several other news outlets, Crypto.com has pushed back against a report that a 2023 breach exposed user details and was kept from authorities. The story centers on a hacking group known as Scattered Spider and a young suspect who, according to reports, used phishing and social engineering to access an employee account…….