Active Exploitation Alert
224 posts | Page 5 of 10
Active Exploitation Alert
Rescana Threat Intelligence Report: Widespread Exploitation of React Server Components via CVE-2025-55182 (React2Shell)
Active Exploitation Alert
PyStoreRAT Malware Campaign: Fake OSINT and GPT GitHub Repositories Target Security Researchers and Cryptocurrency Users
Active Exploitation Alert
Critical Sierra Wireless AirLink ALEOS Router Vulnerability (CVE-2018-4063) Added to CISA KEV After Active Exploitation Enables Remote Code Execution
Active Exploitation Alert
Apple Urgently Patches WebKit Zero-Day Vulnerabilities Exploited in Targeted Attacks Affecting iOS, macOS, and Safari
Active Exploitation Alert
AI-Driven Phishing Kits Target Microsoft 365 and European Banks with Advanced MFA Bypass Techniques
Active Exploitation Alert
Zero-Click Vulnerability in Perplexity Comet Browser Allows Full Google Drive Deletion via Crafted Emails
Active Exploitation Alert
ShadowMQ Vulnerabilities: Over 30 Critical Flaws in Meta Llama, NVIDIA TensorRT-LLM, vLLM, and Other AI Inference Engines Enable Data Theft and Remote Code Execution
Active Exploitation Alert
React2Shell (CVE-2025-55182): Mass Exploitation of React Server Components and Next.js Threatens 77,000 Systems and 30+ Organizations
Active Exploitation Alert
Critical XXE Vulnerability CVE-2025-66516 (CVSS 10.0) in Apache Tika Enables File Disclosure, SSRF, and Remote Code Execution – Immediate Patch Required
Active Exploitation Alert
Barts Health NHS Data Breach: Cl0p Ransomware Exploits Oracle E-Business Suite Zero-Day (CVE-2025-61882)
Active Exploitation Alert
StealC V2 Infostealer Delivered via Malicious Blender 3D Asset Files: Threat Analysis and Mitigation
Active Exploitation Alert
Shai-Hulud npm Supply Chain Attack: 640 Malicious Packages Compromise JavaScript Ecosystem
Active Exploitation Alert
JackFix Attack Targets Windows and macOS: Advanced Social Engineering Bypasses ClickFix Security Controls
Active Exploitation Alert
Dartmouth College Data Breach: Clop Ransomware Exploits Oracle E-Business Suite Zero-Day (CVE-2025-61882)
Active Exploitation Alert
BADBOX 2.0 and Vo1d Botnets: Android TV Streaming Box Infections, Impacted Models, and Mitigation Strategies
Active Exploitation Alert
Tsundere Botnet Targets Windows Users with Fake Game Installers and Ethereum-Based C2 Infrastructure
Active Exploitation Alert
Salesforce Security Incident: Unauthorized Data Access via Compromised Gainsight OAuth Integrations
Active Exploitation Alert
Iberia Airline Club Loyalty Data Exposed in Third-Party Vendor Breach: Incident Analysis and Mitigation Steps
Active Exploitation Alert
Critical Zero-Day Exploited in Oracle Identity Manager (CVE-2025-61757): Pre-Auth RCE Vulnerability Analysis and Mitigation
Active Exploitation Alert
Critical CVE-2025-41115 SCIM Vulnerability in Grafana Enterprise Allows Remote Impersonation and Privilege Escalation
Active Exploitation Alert
Cox Enterprises Data Breach: Cl0p Ransomware Exploits Oracle E-Business Suite Zero-Day Vulnerability (CVE-2025-61882)
Active Exploitation Alert
APT31 Exploits Yandex.Browser and Cloud Services in Stealthy Cyberattacks on Russian IT Sector
Active Exploitation Alert
Eurofiber France Customer Data Breach: Hacker Attempts to Sell Compromised Information from Customer Data Systems
Active Exploitation Alert