SecurityWeek

Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery

UNC6588 exploited CVE-2025-55182 to download a backdoor named Compood, which has typically been used by Chinese hackers in ...

Google links more Chinese hacking groups to React2Shell attacks

Over the weekend, ​Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the ...

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence ...

In 1995, a Netscape employee wrote a hack in 10 days that now runs the Internet

“Bill Gates was bitching about us changing JS all the time,” Eich later recalled of the fall of 1996. Microsoft created its ...
The Hacker News

Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks

Active exploits target Sneeit plugin CVE-2025-6389 and ICTBroadcast CVE-2025-2611, enabling RCE, backdoors, and Frost DDoS ...
Forbes

Logitech Data Breach — What We Know As 0-Day Hack Attack Confirmed

I have always been a fan of Logitech mice, I mean, who isn’t? But I’m not a fan of reading the words “Logitech International S.A. ("Logitech") recently experienced a cybersecurity incident relating to ...
The New York Times

A Swath of Bank Customer Data Was Hacked. The F.B.I. Is Investigating.

SitusAMC, a technology vendor for real estate lenders, holds sensitive personal information on the clients of hundreds of its banking customers, including JPMorgan Chase. By Rob Copeland Stacy Cowley ...
Android Authority

New banking malware can stealth-hack your Android phone: Here's how to stay safe (Updated)

A malware, called “Sturnus,” has emerged, and it exploits Android’s accessibility features to spread on your phone even without you noticing. It gains access to your Android after being installed via ...

Use AI browsers? Be careful. This exploit turns trusted sites into weapons - here's how

ZDNET's key takeaways Researchers disclosed a HashJack attack that manipulates AI browsers.Cato CTRL examined Comet, Copilot for Edge, and Gemini for Chrome.Could lead to data theft, phishing, and ...