Critical React, Next.js flaw lets hackers execute code on servers
A maximum severity vulnerability, dubbed ‘React2Shell’, in the React Server Components (RSC) ‘Flight’ protocol allows remote code execution without authentication in React and
Contractors with hacking records accused of wiping 96 govt databases
U.S. prosecutors have charged two Virginia brothers arrested on Wednesday with allegedly conspiring to steal sensitive information and destroy government
CISA warns of Chinese “BrickStorm” malware attacks on VMware servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned network defenders of Chinese hackers backdooring VMware vSphere servers with Brickstorm
French DIY retail giant Leroy Merlin discloses a data breach
French home improvement and gardening retailer Leroy Merlin is notifying customers that their personal info has been compromised in a
Marquis data breach impacts over 74 US banks, credit unions
Financial software provider Marquis Software Solutions is warning that it suffered a data breach that impacted dozens of banks and
Critical flaw in WordPress add-on for Elementor exploited in attacks
Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025–8489) in the King Addons for Elementor plugin for WordPress, which lets