Category: Cybercrime
-
Global Alert: React2Shell (CVE-2025-55182) Exploitation Escalated
On 16 December 2025, several days after its public disclosure, the critical React2Shell vulnerability (CVE-2025-55182) continues to be widely exploited worldwide, with both the breadth of compromised systems and the number of threat actors involved rising sharply. Researchers have tracked at least 30 confirmed organizational breaches attributed to this flaw and estimate that tens of
-
React2Shell Vulnerability (CVE-2025-55182) Widely Exploited
React2Shell is a critical unauthenticated remote code execution vulnerability tracked as CVE-2025-55182 in React Server Components and related frameworks like Next.js. The flaw arises because unsafe deserialization in the internal Flight protocol allows attackers, without logging in or valid credentials, to send a specially crafted HTTP request that gets executed on the server. This gives
-
React Server Components (RSC) security vulnerability (React2Shell) (CVE-2025-55182)
CVE-2025-55182 is a critical pre-authentication remote code execution vulnerability in React Server Components. It specifically affects versions 19.0.0, 19.1.0, 19.1.1 and 19.2.0 of the RSC packages, and frameworks that use these affected packages, including Next.js 15.x and 16.x using the App Router. The vulnerability has a maximum severity rating of CVSS 10.0. The vulnerable code unsafely
-
Scattered LAPSUS$ Hunters (SLH)
Scattered LAPSUS$ Hunters (SLH) is a federated cybercriminal alliance that publicly emerged in early August 2025. It unites three previously distinct but well-known hacker groups—Scattered Spider, LAPSUS$, and ShinyHunters—under a shared brand and operational umbrella. Rather than functioning as a single hierarchical organization, SLH operates as a brand-level coalition, centralizing extortion operations, recruitment, and public
-
Jaguar Land Rover cyberattack
In late August 2025, Jaguar Land Rover (JLR) suffered a major cyberattack that forced an emergency shutdown of critical IT systems and halted production at all UK plants. On 31 August, the company proactively powered down key systems to contain the breach. Dealers were unable to register new vehicles, parts supply systems were offline, and
-
FBI’s 2024 Internet Crime Complaint Center Report
The Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) has released its latest annual report. The 2024 Internet Crime Report combines information from 859,532 complaints of suspected Internet crime and details reported losses exceeding $16 billion—a 33% increase in losses from 2023. See more details on:
-
Lazarus Group
The Lazarus Group is a notorious, North Korea-linked hacking organization often described as an advanced persistent threat (APT38) group that has been active since at least 2009. Believed to be run or heavily sponsored by the North Korean government, Lazarus has been implicated in a wide array of high-profile cyber operations ranging from cyber
-
North Korea has become the country to hold the largest strategic reserve of Ethereum (ETH)
In a stunning escalation of state-sponsored cybercrime, North Korea’s notorious Lazarus hacking group has pulled off what experts are calling the largest cryptocurrency heist in history. In a meticulously orchestrated attack on the Dubai-based exchange Bybit, hackers manipulated a routine transfer between the exchange’s cold and hot wallets to siphon off over 400,000 Ethereum (ETH)
-
Operation Synergia II
Operation Synergia II, led by INTERPOL in 2024, targeted cybercrime infrastructure across 95 countries. The operation focused on 22,000 IP addresses linked to criminal activities, including phishing, malware, and ransomware. Key outcomes included the dismantling of illegal networks, the seizure of 59 servers, 43 electronic devices, and the arrest of 41 suspects. Collaborative efforts between
-
RansomHub
RansomHub is a cybercriminal group operating a ransomware-as-a-service (RaaS) model that emerged in early 2024. It evolved from cybercriminal groups formerly known as Cyclops and Knight, and has recently attracted high-profile affiliates from other prominent variants such as LockBit and ALPHV. Here are some key points about the RansomHub cybercriminal group: RansomHub’s combination of sophisticated
-
Almost 2.7 billion records of personal information for people in the United States were leaked from National Public Data
In April 2024, National Public Data (NPD), a data provider company that performs background checks and fraud prevention, experienced a major data breach that exposed nearly 2.7 billion records. This breach compromised highly sensitive personal information, including full names, Social Security numbers, addresses, and dates of birth. The breach was initially reported when a hacker
-
BlackBasta
The BlackBasta cybercriminal group is a relatively new but rapidly evolving ransomware group that emerged in 2022. This group is known for its sophisticated attack methods and significant impact on various industries. Here are some precise details about the group: The BlackBasta group exemplifies the growing trend of ransomware-as-a-service (RaaS), where ransomware developers lease their