React2Shell flaw (CVE-2025-55182) exploited for remote code execution
The availability of exploit code will likely lead to more widespread opportunistic attacks
Tags: Threat Research, Featured, vulnerability, react2shell
Similar Posts
Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks
Bys sEuropol has announced the takedown of distributed denial of service (DDoS)-for-hire services that were used to launch thousands of cyber-attacks across the world. In connection with the operation, Polish authorities have arrested four individuals and the United States has seized nine domains that are associated with the now-defunct platforms. “The suspects are believed to be…
Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques
Bys sCybersecurity researchers have shed light on a new remote access trojan called NonEuclid that allows bad actors to remotely control compromised Windows systems. “The NonEuclid remote access trojan (RAT), developed in C#, is a highly sophisticated malware offering unauthorised remote access with advanced evasion techniques,” Cyfirma said in a technical analysis published last week. “It…
Watch Out for Salty2FA: New Phishing Kit Targeting US and EU Enterprises
Bys sPhishing-as-a-Service (PhaaS) platforms keep evolving, giving attackers faster and cheaper ways to break into corporate accounts. Now, researchers at ANY.RUN has uncovered a new entrant: Salty2FA, a phishing kit designed to bypass multiple two-factor authentication methods and slip past traditional defenses. Already spotted in campaigns across the US and EU, Salty2FA puts enterprises at
Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws
Bys sAmazon’s threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC products as part of attacks designed to deliver custom malware. “This discovery highlights the trend of threat actors focusing on critical identity and network access control…
CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List
Bys sThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The flaws are listed below – CVE-2025-0108 (CVSS score: 7.8) – An authentication bypass vulnerability in the Palo Alto…
Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation
Bys sIn one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material (CSAM). “A total of 1.8 million users worldwide logged on to the platform between April 2022 and March 2025,” Europol said in a statement. “On March 11, 2025, the server, which contained around…