Latest Internet & Cybersecurity News
Critical React Vulnerability CVE-2025-55182 Exploited by Chinese Threat Actors
Chinese state-linked hacking groups Earth Lamia and Jackpot Panda aggressively exploit the critical React Server Components vulnerability CVE-2025-55182, dubbed 'React2Shell,' which carries the highest CVSS score of 10.0. The flaw impacts React 19.x and Next.js 15.x/16.x with App Router, with over 2.15 million sites potentially vulnerable, leading to widespread scanning and exploitation attempts shortly after disclosure.
Cloudflare Mitigates Record-Breaking Aisuru DDoS Attack at 14.1 Billion Packets per Second
Cloudflare defended against a new record Aisuru distributed denial-of-service (DDoS) attack peaking at 14.1 billion packets per second on December 5, 2025. This exceptional attack underscores the rising scale and complexity of cyber threats against internet infrastructure globally.
Major Data Breach Hits MAG Aerospace, Exposing Employee Data
MAG Aerospace, a U.S. military intelligence contractor, disclosed a data breach discovered in late August 2025 that exposed a limited set of employee personal information. The firm took measures including account disabling and law enforcement notification, with no evidence of data misuse so far.
Exploit Campaigns Target WordPress 'Sneeit' RCE and ICTBroadcast Vulnerabilities
Cybercriminals have actively exploited the Sneeit WordPress Remote Code Execution vulnerability since its November 24, 2025 disclosure, with over 131,000 attack attempts blocked recently. Concurrently, ICTBroadcast flaw CVE-2025-2611 is leveraged to deploy the 'Frost' DDoS botnet, featuring multiple CVE exploits with targeted propagation techniques.
European Commission Awards EU Cybersecurity Framework Contract to Capgemini
On December 8, 2025, Capgemini was selected by the European Commission’s Directorate-General for Digital Services (DIGIT) to support implementation of the EU cybersecurity framework, reinforcing Europe’s strategic resilience against cyber threats.
Holiday Season Sees Increased Cyber Attack Risks Including Phishing and Ransomware
December experiences a surge in cyberattacks, including a 46% increase in phishing alerts and a 30% rise in ransomware attempts, as attackers exploit staff shortages, distracted users, and configuration errors during year-end rushes.
AWS Reports Multiple China-Linked Threat Groups Exploiting React Vulnerability
Amazon Web Services threat intelligence confirms sustained activity by China-linked hacking groups exploiting CVE-2025-55182 with automated and manual methods, refining exploit payloads via extensive probing to compromise cloud-based React applications.
Significant M&A Activity in Cybersecurity Sector Enhances Security Posture
Notable mergers and acquisitions announced by Arctic Wolf, Bugcrowd, Huntress, Palo Alto Networks, and Zscaler aim to accelerate engineering, research, and integration efforts, addressing expanding cybersecurity demands worldwide.
WatchGuard Issues Patches for Six Critical Firebox Vulnerabilities
On December 4, 2025, WatchGuard released security updates addressing six critical vulnerabilities in Firebox appliances that could allow attackers to bypass security integrity checks, highlighting the importance of timely patching.
Security Experts Stress Securing AI Systems for Enhanced Cyber Resilience
The rise of AI in cybersecurity calls for robust security measures for AI itself. Recent discussions emphasize building trustworthy AI systems to withstand adversarial threats and contribute effectively to cyber defense.