The Hacker News

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...
Dark Reading

RondoDox Botnet Expands Scope With React2Shell Exploitation

Recent attacks are targeting Next.js servers and pose a significant threat of cryptomining and other malicious activity to ...
The Hacker News

Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release

Cisco released updates for a medium-severity ISE and Snort 3 flaws, including CVE-2026-20029 with a public PoC, and reports ...
Computer Weekly

Sonatype CEO on self-service: The vulnerability data gap undermining AI-driven development

Increasingly, self-service tools and internal developer platforms (IDPs) are configured to make critical decisions, but ...

Google Chrome 143 Security Bypass — 3 Billion Users At Risk

This Google Chrome vulnerability could leave your apps exposed to attack. You have been warned. Update your browser now.
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

Radware Unveils “ZombieAgent”: A Newly Discovered Zero-Click, AI Agent Vulnerability Enabling Silent Takeover and Cloud-Based Data Exfiltration

Radware ® (NASDAQ: RDWR), a global leader in application security and delivery solutions for multi-cloud environments, today announced the discovery of ZombieAgent, a new zero-click indirect prompt ...
Security Boulevard

Apple’s App Store Source Map Leak: A Preventable Vulnerability We Found in 70% of Organizations

Apple’s App Store source map leak shows a preventable risk we found in 70% of organizations shipping production web apps.
Opinion
Computer WeeklyOpinion

Addressing UK’s technical debt is only way to secure country’s digital future

The recently announced Cybersecurity and Resilience Bill is a welcome move by the UK government to continue evolving its security strategy. But we are ignoring a critical vulnerability that could ...

Cisco warns of Identity Service Engine flaw with exploit code

Cisco has patched an ISE vulnerability with public proof-of-concept exploit code that can be abused by attackers with admin ...
SecurityWeek

Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes

Meta starts addressing WhatsApp vulnerabilities that expose user metadata that allows adversaries to ‘fingerprint’ a device’s ...