SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
Decrypt

Veltrixa Introduces Audited AI Trading Platform Designed to Support Data-Driven Crypto Execution

Veltrixa, operating through Veltrixa.ai and Veltrixa.io, has launched an AI-powered crypto trading platform designed to bring ...
InfoWorld

Back to the future: The most popular JavaScript stories and themes of 2025

The key themes that defined the year behind us will also shape the one ahead. The most-read articles of 2025 tracked a return ...
The Hacker News

ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

The first ThreatsDay Bulletin of 2026 tracks GhostAd adware, macOS malware, proxy botnets, cloud exploits, and more emerging ...

8.8 Million Google Chrome, Microsoft Edge, and Opera Users Compromised

A newly uncovered Chinese threat group known as DarkSpectre has been linked to one of the most widespread browser extension ...
The Hacker News

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...

This SmarterMail vulnerability allows remote code execution - here's what we know

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

Supply chains, AI, and the cloud: The biggest failures (and one success) of 2025

One such event occurred in December 2024, making it worthy of a ranking for 2025. The hackers behind the campaign pocketed as ...
Infosecurity Magazine

Five Key Flaws Exploited in 2025's Major Software Supply Chain Incidents

Infosecurity has selected five of the most significant vulnerability exploitation campaigns of 2025 that led to major ...
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...
CSO Online

Top 5 real-world AI security threats revealed in 2025

Security researchers uncovered a range of cyber issues targeting AI systems that users and developers should be aware of — ...