The Hacker News

React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerability by December 12, 2025, amid reports of widespread exploitation.
acm.org

AI Cyberthreats: The Surge of AI-Borne Threats

This is the first part of a two-part series on AI and cybersecurity. Part 2 will look at how AI is being used to counter new cyberthreats. Cybersecurity experts are warning that generative AI is ...
GitHub

Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

See openssh.patch for a simple patch to openssh that logs any connection attempt with a public key N matching the backdoor format. The backdoor uses a hardcoded ED448 public key for signature ...
The Hacker News

Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw

Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild. The vulnerability, rated high ...