Latest Internet & Cybersecurity News
Malicious React2Shell Scanner Targets Researchers
Microsoft reported exploitation of React2Shell in React Server Components, with real-world attacks using post-exploitation payloads like coin miners. Organizations should treat successful pre-auth RCE as credential compromise and rotate secrets. Threat actors are actively targeting researchers with this scanner.
China-Linked Ink Dragon Expands Espionage to Europe
The China-linked Ink Dragon group has expanded operations into European government environments, using compromised servers for espionage. This marks a broadening of their global activities beyond initial targets.
CISA Adds Multiple Flaws to KEV Catalog
CISA included vulnerabilities in Gladinet CentreStack, Triofox, Apple products, and CVE-2025-14611 (hard-coded crypto flaw) in its Known Exploited Vulnerabilities Catalog, indicating active threat actor use. Federal agencies must prioritize remediations.
Google Android Security Bulletin Reveals Active Zero-Days
Google's update highlighted CVE-2025-48633 and CVE-2025-48572 in Android Framework under limited targeted exploitation, allowing info disclosure and privilege escalation. Users should apply patches immediately to secure devices.
SonicWall SMA1000 Zero-Day Attacks Underway
Threat actors exploited CVE-2025-40602 in SonicWall edge access devices for unauthorized network entry, added to CISA KEV list. These serve as prime ransomware entry points; apply emergency patches.
Active Exploitation of Fortinet Authentication Bypass Flaws
Check Point researchers spotted exploitation of critical CVE-2025-59718 and CVE-2025-59719 in FortiGate, FortiOS, and FortiWeb, enabling authentication bypass. IPS protections are available against these threats.
Trump Administration Prepares 2026 Cybersecurity Strategy
The US is drafting a five-page national strategy around six pillars, set for January 2026 release, possibly followed by an executive order. This addresses accelerating threats from nation-states and criminals.
10 Biggest Healthcare Data Breaches of 2025 Exposed
Over 20 million affected in top breaches, including Yale New Haven (5.5M), Episource (5.4M from ransomware), and Blue Shield of CA (4.7M). Total impacts exceed 35 million, rising post-shutdown.
US Charges 12 Chinese Hackers in Global Campaigns
Justice Department indicted 12 Chinese contractors and officers for intrusions into US agencies, infrastructure, aerospace, and more, tied to Ministry of State Security. Operations targeted pandemic research and activists.
Chinese Network Leak Exposes 4 Billion Records
A 631GB unprotected database revealed personal data from Alipay, WeChat including phones, addresses, and behavioral info. Security researchers uncovered this massive exposure.
LockBit, Qilin, DragonForce Form Ransomware Alliance
Ransomware groups allied in 2025, sharing infrastructure for faster, unpredictable attacks, overlapping toolsets and leak sites. This reduces effectiveness of single-group tracking.
AI-Driven Cyberattacks Scale Massively in 2025
Generative AI fueled phishing, vulnerability scanning, and malware, marking the year's dominant trend per cybersecurity reviews. Lessons urge stronger defenses into 2026.