Category: Exploit
-
Global Alert: React2Shell (CVE-2025-55182) Exploitation Escalated
On 16 December 2025, after several days its public disclosure, the critical React2Shell vulnerability (CVE-2025-55182) continues to be widely exploited worldwide, with both the breadth of compromised systems and the number of threat actors involved rising sharply. Researchers have tracked at least 30 confirmed organizational breaches attributed to this flaw and estimate that tens of
-
React2Shell Vulnerability (CVE-2025-55182) Widely Exploited
React2Shell is a critical unauthenticated remote code execution vulnerability tracked as CVE-2025-55182 in React Server Components and related frameworks like Next.js. The flaw arises because unsafe de-serialization in the internal Flight protocol allows attackers, without logging in or valid credentials, to send a specially crafted HTTP request that gets executed on the server. This gives
-
React Server Components (RSC) security vulnerability (React2Shell) (CVE-2025-55182)
CVE-2025-55182 is a critical pre-authentication remote code execution vulnerability in React Server Components. It affects specifically versions 19.0.0, 19.1.0, 19.1.1 and 19.2.0 of RSC packages: and frameworks that use these affected packages, including Next.js 15.x and 16.x using the App Router. The vulnerability has a maximum severity rating of CVSS 10.0. The vulnerable code unsafely
-
Scattered LAPSUS$ Hunters (SLH)
Scattered LAPSUS$ Hunters (SLH) is a federated cybercriminal alliance that publicly emerged in early August 2025. It unites three previously distinct but well-known hacker groups—Scattered Spider, LAPSUS$, and ShinyHunters—under a shared brand and operational umbrella. Rather than functioning as a single hierarchical organization, SLH operates as a brand-level coalition, centralizing extortion operations, recruitment, and public
-
Oracle E-Business Suite security vulnerability (CVE-2025-61884)
CVE-2025-61884 is a high-severity security vulnerability in the Oracle E-Business Suite (EBS), specifically in the Oracle Configurator product’s Runtime UI component. The flaw allows an unauthenticated attacker with network access via HTTP to compromise Oracle Configurator and gain unauthorized access to sensitive data. Because the affected component is often exposed to internal and external networks,
-
Palo Alto Networks PAN-OS security vulnerability (CVE‑2025‑0108)
CVE‑2025‑0108 is an authentication bypass vulnerability found in Palo Alto Networks’ PAN‑OS software. This vulnerability allows an unauthenticated attacker with network access to the management web interface to bypass standard authentication and invoke specific PHP scripts. While the flaw doesn’t directly lead to remote code execution, it can compromise the confidentiality and integrity of the
-
CVE-2024-45492
CVE-2024-45492 is a critical vulnerability found in the widely used libexpat XML parsing library, specifically affecting versions prior to 2.6.3. This flaw originates from an integer overflow in the `nextScaffoldPart` function in 32-bit systems. Attackers can exploit this vulnerability to remotely execute arbitrary code or cause a denial of service, making it especially dangerous. It
-
CVE-2024-45491
The CVE-2024-45491 vulnerability is an integer overflow issue identified in libexpat versions prior to 2.6.3. This vulnerability occurs in the `dtdCopy` function of the `xmlparse.c` file, specifically impacting 32-bit platforms. The problem arises when an attacker can exploit this overflow in systems where `UINT_MAX` equals `SIZE_MAX`. The vulnerability is critical, with a CVSS score of
-
CVE-2024-45490
The CVE-2024-45490 vulnerability is a security flaw identified in versions of the Expat library (specifically libexpat) prior to version 2.6.3. The vulnerability occurs in the xmlparse.c file, which is responsible for parsing XML data. The issue arises when the function XML_ParseBuffer fails to reject negative lengths during buffer parsing. This oversight can potentially lead to
-
Security vulnerabilities fixed in Firefox 127 (CVE-2024-5700) and (CVE-2024-5701)
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
-
GoFetch vulnerability
The GoFetch vulnerability is a critical security flaw affecting Apple M-series CPUs. Here are the key details: Remember that exploiting this vulnerability requires physical access to the targeted system. See more details on GoFetch website.
-
Zero-Click Attack
A zero-click attack is a type of cyber attack that requires no interaction from the victim to be successful. In traditional cyber attacks, such as phishing or malware attacks, the victim is typically required to click on a malicious link, download a file, or take some other action that initiates the attack. However, in a