Latest Internet & Cybersecurity News
Critical React2Shell Flaw Actively Exploited by China-Linked Hackers
The severe React2Shell vulnerability (CVE-2025-55182) is being widely exploited by multiple China-linked threat actors targeting cloud and web applications. AWS and other major platforms report attempted exploits, prompting emergency patching and inclusion in CISA's Known Exploited Vulnerabilities catalog.
CodeRED Ransomware Attack Disrupts Emergency Alert Services
The OnSolve CodeRED emergency notification system suffered a ransomware attack by INC Ransom group, causing outages and data breaches affecting several U.S. local governments. Authorities urged residents to reset passwords after exposure of clear-text credentials, highlighting risks in life-safety alerting systems.
Coupang Data Breach Exposes 33.7 Million Customer Accounts
E-commerce giant Coupang confirmed a data breach affecting over 33 million users in East Asia. Unauthorized access occurred for five months exploiting weaknesses in multiple software components including WordPress plugins and React2Shell vulnerabilities.
Cloudflare Mitigates Record-Breaking 29.7 Tbps DDoS Attack
Cloudflare successfully blocked what is recorded as the largest distributed denial-of-service attack reaching 29.7 terabits per second, originating from the AISURU botnet-for-hire. This attack demonstrates an increase in hyper-volumetric DDoS threats to global internet infrastructure.
Pharma Firm Inotiv Confirms Major Cyberattack and Data Theft
Inotiv disclosed a cyberattack in early August 2025 causing system outages and data leaks. The company is complying with legal notifications while restoring operational networks amidst evolving cybersecurity threats in healthcare research.
Healthcare Cyber Insurance Sees Rising Risk Amid Ransomware and Litigation
The healthcare industry faces an inflection point for cyber insurance due to escalating ransomware attacks and legal challenges, prompting industry-wide reevaluation of cybersecurity and risk management approaches.
AXA XL Joins ISASecure to Promote Industrial Cybersecurity Standards
Insurance giant AXA XL became part of ISASecure certification program to strengthen cybersecurity risk prevention in industrial automation and control systems, adhering to ISA/IEC 62443 standards.
FBI Warns of Fake Social Media Photos Altered to Create False Evidence
The FBI issued an alert on the rising criminal use of manipulated social media images to fabricate fake evidence, underscoring emerging threats in digital image authenticity and social engineering scams.
New GhostFrame Phishing Kit Powers Large-Scale Deception Campaigns
Security analysts detected a sophisticated phishing kit named GhostFrame spreading globally to harvest credentials. The campaign’s scale indicates high threat actor investment in stealth phishing infrastructure.
NVIDIA and WatchGuard Release Critical Security Patches for Server and Firewall Vulnerabilities
NVIDIA issued urgent patches for Triton Interface Server to prevent remote denial-of-service attacks. WatchGuard disclosed critical vulnerabilities allowing code injection into Firebox firewall appliances, necessitating immediate updates by organizations.