cve-2025-55182
92 articles with this tag
[CRITICAL] AI Threat Landscape Digest March-April 2026
[CRITICAL] How Huntress Uses Managed SIEM to Detect Threats Faster
[CRITICAL] At Mythos Speed: A Defender's Playbook for the AI Vulnerability Surge in 2026
[CRITICAL] Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware
[CRITICAL] Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia
[CRITICAL] ‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials
[CRITICAL] New PCPJack worm steals credentials, cleans TeamPCP infections
[CRITICAL] PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems
[CRITICAL] PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale
[CRITICAL] What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia
[CRITICAL] Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads
[CRITICAL] China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
[CRITICAL] High Fidelity Check for the cPanel Authentication Bypass (CVE-2026-41940)
[CRITICAL] What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia
[CRITICAL] Untangling a Linux Incident With an OpenAI Twist (Part 2)
[CRITICAL] 27th April – Threat Intelligence Report
[CRITICAL] Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
[CRITICAL] Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
[CRITICAL] Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
[CRITICAL] $13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
[CRITICAL] Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
[CRITICAL] Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
[CRITICAL] Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
[CRITICAL] NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
[CRITICAL] Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
[CRITICAL] Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
[CRITICAL] Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
[CRITICAL] Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
[CRITICAL] Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
[CRITICAL] Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
[CRITICAL] UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
[CRITICAL] Critical nginx UI tool vulnerability opens web servers to full compromise
[CRITICAL] n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
[CRITICAL] April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
[CRITICAL] Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
[CRITICAL] Deterministic + Agentic AI: The Architecture Exposure Validation Requires
[CRITICAL] Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
[CRITICAL] OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
[CRITICAL] New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
[CRITICAL] AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
[CRITICAL] Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
[CRITICAL] Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
[CRITICAL] Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
[CRITICAL] 108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
[CRITICAL] CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
[CRITICAL] ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
[CRITICAL] JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
[CRITICAL] FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
[CRITICAL] Your MTTD Looks Great. Your Post-Alert Gap Doesn't
[CRITICAL] North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
[CRITICAL] Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
[CRITICAL] CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
[CRITICAL] Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
[CRITICAL] GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
[CRITICAL] Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
[CRITICAL] Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
[CRITICAL] Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
[CRITICAL] Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
[CRITICAL] EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets
[CRITICAL] [webapps] React Server 19.2.0 - Remote Code Execution
[CRITICAL] UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
[CRITICAL] Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
[CRITICAL] Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
[CRITICAL] The Hidden Security Risks of Shadow AI in Enterprises
[CRITICAL] New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy
[CRITICAL] Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
[CRITICAL] APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
[CRITICAL] React2Shell Remote Code Execution
[CRITICAL] Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign
[HIGH] Understanding Current Threats to Kubernetes Environments
[HIGH] Hackers exploit React2Shell in automated credential theft campaign
[HIGH] Security lapse lets researchers view React2Shell hackers’ dashboard
[CRITICAL] React2Shell Exploited in Large-Scale Credential Harvesting Campaign
[CRITICAL] Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
[HIGH] The democratisation of business email compromise fraud
[HIGH] UAT-10608: Inside a large-scale automated credential harvesting operation targeting web applications
[HIGH] Weaponizing the Protectors: TeamPCP’s Multi-Stage Supply Chain Attack on Security Infrastructure
[HIGH] Cloud Attackers Now Prefer Vulnerability Exploits Over Credentials, Google Cloud Finds
[HIGH] Google: Cloud attacks exploit flaws more than weak credentials
[HIGH] Exploits and vulnerabilities in Q4 2025
[CRITICAL] Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb
[HIGH] Attackers Use New Tool to Scan for React2Shell Exposure
[HIGH] Investigating CVE-2025-9491: Hidden arguments in .LNK
[HIGH] Worm-driven TeamPCP campaign targets cloud environments for large-scale exploitation
[HIGH] TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure - Live Threat Intelligence - Threat Radar | OffSeq.com
[HIGH] TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure
[HIGH] No Place Like Home Network: Disrupting the World's Largest Residential Proxy Network
[HIGH] Threat actors hijack web traffic after exploiting React2Shell vulnerability
[HIGH] Hackers Exploit React2Shell to Hijack Web Traffic via Compromised NGINX Servers
[HIGH] Threat actors hijack web traffic after exploiting React2Shell vulnerability: Report
[HIGH] When responsible disclosure becomes unpaid labor
[HIGH] IR Trends Q4 2025: Exploitation remains dominant, phishing campaign targets Native American tribal organizations