News

React2Shell flaw (CVE-2025-55182) exploited for remote code execution

Bys s January 14, 2026

The availability of exploit code will likely lead to more widespread opportunistic attacks

Tags: Threat Research, Featured, vulnerability, react2shell

News

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users
Bys s January 6, 2026

Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing data to servers under the attackers’ control. The names of the extensions, which collectively have over 900,000 users, are below – Chat GPT for Chrome with GPT-5, Claude Sonnet &…

Read More Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users
News

Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer
Bys s October 3, 2025

A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That’s according to findings from Infoblox, which found the threat actor to maintain control of domains hosting the first stage of the stealer, a backdoor called StarFish. The DNS threat intelligence firm said it has…

Read More Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer
News

Semgrep Raises $100M for AI-Powered Code Security Platform
Bys s February 6, 2025

San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures. The post Semgrep Raises $100M for AI-Powered Code Security Platform appeared first on SecurityWeek.

Read More Semgrep Raises $100M for AI-Powered Code Security Platform
News

Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub
Bys s November 24, 2025

Bill Toulas reports: Hundreds of trojanized versions of well-known packages such as Zapier, ENS Domains, PostHog, and Postman have been planted in the npm registry in a new Shai-Hulud supply-chain campaign. The malicious packages have been added to NPM (Node Package Manager) over the weekend to steal developer and continuous integration and continuous delivery (CI/CD) secrets…….

Read More Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub
News

How Interlock Ransomware Infects Healthcare Organizations
Bys s January 29, 2025

Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and healthcare data stolen during the Change Healthcare ransomware attack, a figure that nearly doubles the previously disclosed total. This breach shows just how deeply ransomware

Read More How Interlock Ransomware Infects Healthcare Organizations
News

New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now
Bys s February 18, 2025

Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat Research Unit (TRU), are listed below – CVE-2025-26465 – The OpenSSH client

Read More New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now

Similar Posts