CVE-2025-55182 (React2Shell): Remote code execution in React Server Components and Next.js
Learn more about the CVE-2025-55182 vulnerability affecting React Server Components and affecting Next.js. - Read more
’Tis the Season to Be Cyber-Wary: How Thales Protects Against Account Takeover During Peak...
The holiday shopping season is the busiest time of year for online retailers, and increasingly the most dangerous. As traffic surges and customers rush...
Seasonal Surge: Why HR Phishing Peaks in Q4 and the Seven Themes Behind It
By: Jacob Malimban, Intelligence TeamQ3 and Q4 of each year tend to see the most Human Resources (HR) task-related phishing threats, but the specific...
The Maturity Gap: The Next Frontier in Threat Intelligence
The Maturity Gap: The Next Frontier in Threat Intelligence ...
Intellexa’s Global Corporate Web
The author, Julian-Ferdinand Vögele, thanks Amnesty International's Security Lab for its ongoing reporting on the Intellexa and Predator spyware ecosystem. Today,...
UNC1549 Critical Infrastructure Espionage Attack
A suspected Iran-linked espionage group tracked as UNC1549 is actively targeting aerospace, defense, and telecommunications organizations across Europe and other regions. The threat actor...
Inside the CopyCop Playbook: How to Fight Back in the Age of Synthetic Media
Key Takeaways CopyCop is scaling AI-driven influence operations globally. The Russian influence network known as CopyCop has created more...
Decreasing Certificate Lifetimes to 45 Days
Let’s Encrypt will be reducing the validity period of the certificates we issue. We currently issue certificates valid for 90 days, which will be...
CVE-2025-61757: Imperva Customers Protected Against Critical Oracle Identity Manager Authentication Bypass Leading to Remote...
At the end of October 2025, Oracle released an emergency security alert addressing CVE-2025-61757, a high-severity authentication-bypass flaw that enables remote code execution in the Identity Manager...
Zilvia.net – 287,863 breached accounts
In November 2025, data breached from the Zilvia.net Nissan 240SX Silvia and Z Fairlady car forum was leaked. The breach exposed 288k unique email...
Latest article
Check Point VPN Authentication Bypass Vulnerability
What is the Vulnerability? A critical authentication bypass vulnerability, CVE-2026-50751 (CVSS...
CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice
Security teams’ patching practices have come under intense pressure over the past year, as active exploitation is up, time-to-exploit windows...
Hackers Abuse Fake Utility Downloads to Install ScreenConnect and Mine Cryptocurrency
Hackers are turning everyday software searches into a trap. A sophisticated cryptojacking campaign is actively targeting users who search for popular PC utilities online,...
Automated Threat Hunting: Turning Threat Intelligence into Executable Hunt Plans
Blake McDermott is Senior Threat Hunter at Rapid7.Every week, threat hunt teams are faced with a steady flow of blogs, advisories, and DFIR reports...
