RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

Researchers identify new ToneShell backdoor targeting government agencies

To defend against the new attacks, the researchers advise memory forensics as the number one way of spotting ToneShell infections. They also shared a list of indicators of compromise (IoC) which can ...

The biggest cybersecurity and cyberattack stories of 2025

Some stories, though, were more impactful or popular with our readers than others. This article explores 15 of the biggest ...

School without schools: The Pa. kids who attend cyber school in a building

Enrollment in Pa.’s largest cyber school is booming despite a growing consensus that students learn best in-person. Some are ...

Revealed: England's best tiny museums

Discover England’s most charming tiny museums, from quirky village collections to creative micro-galleries, all perfect for a ...
CRN

The 10 Biggest AI News Stories Of 2025

The AI industry in 2025 saw big-money acquisitions, advancements in virtual assistants and agent orchestration and new ...
The Hacker News

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

Transparent Tribe (APT36) is linked to new cyber-espionage attacks using malicious LNK files, adaptive RATs, and long-term ...

This Desktop Doohickey Will Bring Your Physical SNES Games to Your PC

Epilogue, which sells the popular GB Operator, is planning to ship its $60 SN Operator starting in April of next year. The ...
CSO Online

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...
SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.