Latest Internet & Cybersecurity News
Active Exploits of React2Shell Vulnerability Surge, Enabling Botnets and Crypto Mining
Threat actors are exploiting CVE-2025-55182 in React Server Components to deploy backdoors, botnets, and crypto miners on corporate networks worldwide. CISA shortened the mitigation deadline for federal agencies to December 12 due to active criminal and state-sponsored attacks targeting North/South America, Asia, and the Middle East.
React has issued new patches after researchers flagged additional flaws, urging critical infrastructure operators to update immediately.
UK NHS Barts Health Discloses Major Data Breach by Cl0p Ransomware
Barts Health, the UK's largest NHS trust, confirmed the theft of patient and staff data by the Cl0p ransomware gang after an August cyber-attack. The stolen data is on the dark web, but the trust claims limited risk and seeks a High Court order to block publication.
This incident highlights ongoing ransomware threats to healthcare.
Ivanti, Fortinet, and SAP Release Patches for Critical Vulnerabilities
Ivanti patched CVE-2025-10573, an Endpoint Manager flaw allowing remote code execution. Fortinet addressed CVE-2025-59718 and CVE-2025-59719 in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager, flaws that enable FortiCloud SSO bypass via crafted SAML responses (CVSS 9.8).
SAP also announced fixes for high-severity flaws.
UK Sanctions Chinese Firms i-Soon and Integrity Tech for Cyber Attacks
The UK NCSC sanctioned Sichuan Anxun (i-Soon) and Integrity Technology Group on December 9 for reckless cyberattacks on over 80 IT systems. i-Soon targeted federal and private sectors, while Integrity supported covert networks against UK systems.
This follows CISA's report on PRC-linked BRICKSTORM malware used for long-term persistence in IT and government sectors.
OWASP Releases Top 10 Risks for Agentic AI Applications
OWASP published its inaugural Top 10 for Agentic AI 2026, addressing threats like goal hijacking and tool misuse in autonomous AI agents. The list aids organizations securing AI that plans and executes workflows independently.
It coincides with rising AI-enabled threats in cybersecurity forecasts.
CISA and MITRE List 2025's Top 25 Most Dangerous Software Weaknesses
CISA and MITRE released the 2025 Top 25 Most Dangerous Software Weaknesses to guide developers and risk managers. The list prioritizes flaws for better software security decisions amid ongoing exploits.
It aligns with urgent patching needs seen in recent vulnerabilities.
Pro-Russia Hacktivists Target Global Critical Infrastructure with OT Attacks
Groups like Cyber Army of Russia Reborn (CARR), Z-Pentest, NoName057(16), and Sector16 exploit insecure VNC connections in OT networks in the energy, water, and agriculture sectors. A joint CISA advisory warns of their intent to cause harm using simple tactics.
Organizations face risks to operational technology from these opportunistic attacks.
Europol Cracks Down on 'Violence-as-a-Service' Linked to Cybercrime
Europol arrested nearly 200 suspects in six months for 'Violence-as-a-Service' operations recruiting online for physical attacks. Many perpetrators belong to 'The Com' network, tied to high-profile ransomware.
This exposes overlaps between cybercrime and real-world violence.
CISA Updates Voluntary Cybersecurity Performance Goals for Critical Infrastructure
On December 11, CISA updated its CPGs with measurable actions aligned to NIST standards for sectors like healthcare. The guidance emphasizes governance, accountability, and risk management against common threats.
It supplements 2022 goals to enhance resilience.
NCSC and OpenAI Warn of Cybersecurity Risks from Large Language Models
The UK NCSC and OpenAI highlighted contrasting cyber risks of LLMs, including a double-edged sword of benefits and threats. The warnings come amid AI's frontline role in attacks like the ShadowV2 botnet and PRC espionage using Claude.
Experts stress preparation for AI-speed threats.
Sophisticated Phishing Targets Identity Platforms and UK Political Figures
Recent campaigns exploit web framework flaws and target major identity platforms with phishing. Messaging-app attacks on UK politicians are rising, demanding strong protections.
These reinforce needs for rapid patching and secure communications.
Booz Allen CEO Warns World Unready for AI-Driven Cyber Risks
Booz Allen's Horacio Rozanski stated the world lacks readiness for AI cyber threats like ransomware and network corruption by bad actors. He highlighted the U.S.-China AI race, with China advancing space-based computing.
Anthropic detected PRC-sponsored disruption using Claude against 30+ entities.