CISA and global partners issue new guidance for secure AI integration in operational technology, highlighting risks, governance, behavioral analytics, and OT safety.
In this blog entry, Trend™ Research provides a comprehensive breakdown of GhostPenguin, a previously undocumented Linux backdoor with low detection rates that was discovered through AI-powered threat hunting and in-depth malware analysis.
The Washington Post last month reported it was among a list of data breach victims of the Oracle EBS-related vulnerabilities, with a threat actor compromising the data of more than 9,700 former and current employees and contractors. Now, a former worker is launching a class-action lawsuit against the Post, claiming inadequate security.
Trump Is Taking 3 Steps Backward in the AI Race (Arati Prabhakar and Asad Ramzanali, Politico) The administration needs to shift focus away from providing chips and datacenters to the world’s richest companies.
For this week in scams, we have fake AI-generated shopping images that could spoil your holidays, scammers use an Apple Support ticket in a takeover attempt, and a PlayStation scam partly powered by AI.
Let’s start with those fake ads, because holiday shopping is in full swing.
Keep a sharp eye out for fake AI shopping ads that sell knockoff goods
Turns out that three-quarters of people (74%) can’t correctly identify a fake AI-generated social media ad featuring popular holiday gifts—which could leave them open to online shopping scams.
Less than one in 10 (8%) people feel “very confident” in their ability to spot an AI-generated ad on social media.
More than half (56%) fear that they or a family member could get scammed as a result.
About two-thirds (63%) said that they won’t purchase anything from social media platforms because they’re not sure what’s real and what’s fake.
From the study … could you tell these ads are both fake?
Fake ads, like this, have been popping up across social.
Could you tell this ad is fake?
In all, cheap and readily available AI tools make spinning up fake ads quick and easy work. The same goes for launching websites where those “goods” can get sold. In the past, we’ve seen scammers take two different approaches when they use social media ads and websites to lure in their victims:
Phishing sites
During the holidays, scammers pump out ads that offer seemingly outstanding deals on hot items. Of course, the offer and the site where it’s “sold” is fake. Victims hand over their personal info and credit card number, never to see the items they thought they’d purchased. On top of the money a victim loses, the scammer also has their card info and can run up its tab or sell it to others on the dark web.
Knock-off sites
In this case, the scammer indeed sells and delivers something. But you don’t get what you paid for. The item looks, feels, fits, or works entirely differently than what was advertised. In this way, people wind up with a cheaply made item cobbled together with inferior materials. Worse yet, these scams potentially prop up sweatshops, child labor, and other illegal operations in the process. Nothing about these sites and the things they sell on them are genuine.
So, fake AI shopping ads are out there. What should you look out for? Here’s a quick list:
First off, any offer that sounds too good to be true and heavy discounts on hard-to-find or popular items are major signs of a scam—and have been for years running now.
See if the image looks a little too polished or even cartoony in some cases. As for people in AI ads, they can look airbrushed and have skin tones that seemingly give off an odd glow.
Look up reviews of the company. Trustpilot and the Better Business Bureau offer great resources for that. Even simple a search using “CompanyName scam” can give you an idea if it’s a scam or not.
Over the course of nearly 30 minutes, a scammer calmly and professionally walked Moret through a phony account takeover attempt.
It started with two-factor authentication notifications that claimed someone was trying to access his iCloud account. Three minutes later, he got a call from an Atlanta-based number. The caller said they were with Apple Support. “Your account is under attack. We’re opening a ticket to help you. Someone will contact you shortly.”
Seconds later came another call from the same number, which is where the scam fully kicked in. The person also said they were from Apple Support and that they’d opened a case on Moret’s behalf. Sure enough, when directed, Moret opened his email and saw a legitimate case number from a legitimate Apple address.
The caller then told him to reset his password, which he did. Moret received a text with a link to a site where he could, apparently, close his case.
Note that at no time did the scammers ask him for his two-factor authentication code throughout this process, which is always the sign of a scam. However, the scammers had another way to get it.
The link took him to a site called “appeal-apple dot com,” which was in fact a scam site. However, the page looked official to him, and he entered a six-digit code “confirmation code” sent by text to finish the process.
That “confirmation code” was actually a fresh two-factor authentication code. With that finally in hand, the scammers signed in. Moret received a notice that a new device had logged into his account. Moret quickly reset his password again, which kicked them out and stopped the attack.
So, what went wrong here? Let’s break down three key moments in this account takeover scam:
The unsolicited phone calls. That’s an immediate sign to hang up and call an official support number to confirm the “issue” yourself.
The fake website. A site with a URL like “appeal-apple dot com” is a scam site, even if it looks “official.” Scammers can create them easily today.
The code heist. Scammers trick people into handing over their authorization code by calling it something else, like a “confirmation code.”
So, how can you protect yourself from account takeover scams? Let’s break that down too.
Know that Apple Support won’t call you or open a case on your behalf.
Also know that anyone can create an Apple Support ticket for anyone else, without verification. If you didn’t create it yourself, it’s a strong sign of a scam.
Only interact with Apple through sites and emails with the proper “apple dot com” address. Watch out for altered addresses like the “appeal-apple dot com” used here.
Never, ever share your authentication code in any way … verbally, in an email, in a text, or a website. Any request for it from anyone is a scam.
You can see the devices signed into your account any time. Go to Settings, tap your Name, and scroll to see all devices linked to your Apple ID.
The FCC takes aim at the Wal-Mart PlayStation 5 Robocall Scam
Maybe you didn’t get a scam call from “Emma” or “Carl” at Wal-Mart, but plenty of people did. Around eight million in all. Now the Federal Communications Commission’s (FCC) Enforcement Bureau wants to put a stop to them.
According to the FCC, the call plays out like this:
“A preauthorized purchase of PlayStation 5 special edition with Pulse 3D headset is being ordered from your Walmart account for an amount of 919 dollars 45 cents. To cancel your order or to connect with one of our customer support representatives, please press ‘1.’ Thank you.”
Pressing “1” connects you to a live operator who asks for personal identifiable such as Social Security numbers to cancel the “purchase.”
If you were wondering, it’s unlawful to place calls to cellphones containing artificial or prerecorded voice messages absent an emergency purpose or prior express consent. According to the FCC’s press release, SK Teleco didn’t respond to a request to investigate the calls. The FCC further alleges that it’s unlikely the company has any such consent.
Per the FCC, “If SK Teleco fails to take swift action to prevent scam calls, the FCC will require all other providers to no longer accept call traffic from SK Teleco.”
We’ll see how this plays out, yet it’s a good reminder to report scam calls. When it comes to any kind of scam, law enforcement and federal agencies act on complaints.
Get a scam call? Who’s here you can report it to:
The Federal Trade Commission (FTC): Report fraud, especially if you lost money, at ReportFraud.ftc.gov.
The Federal Communications Commission (FCC): Report unwanted calls, texts, and caller ID spoofing at DoNotCall.gov.
Editor’s note: We published this article nearly three months ago, on 10 September 2025. The recent revelations about the killing, on 2 September, of two survivors who were clinging to a sinking shipwreck after their boat had been destroyed in the initial attack by U.S. forces, highlight the deeper problems with the Trump administration’s approach of using military force to deal with what is essentially a law-enforcement issue.
How can society police the global spread of online far-right extremism while still protecting free speech? That’s a question policymakers and watchdog organizations confronted as early as the 1980s and ’90s – and it hasn’t gone away.
Immigration has historically driven U.S. growth and filled labor shortages in various sectors, but it has also remained one of the most politically divisive issues. In the modern era, successive administrations have agreed on the need to reform the asylum system and bolster border security, while differing sharply on how to manage immigration more broadly.
The total federal debt of the United States passed a new milestone on October 21, 2025, reaching $38 trillion for the first time, with $30.4 trillion in federal debt held by the public, which is equivalent to about 100 percent of our gross domestic product (GDP). This is the highest level it’s been relative to our GDP since 1946.
Licensed gun dealers are a major source of firearms that end up illegally trafficked, according to a new analysis using federal data by the research arm of Everytown for Gun Safety, which advocates for stricter gun laws.
Gun trafficking involves diverting guns from legal commerce into the illegal market, often through straw purchases, unlicensed dealing or other methods that bypass background checks and federal recordkeeping requirements.
Trump Is Taking 3 Steps Backward in the AI Race (Arati Prabhakar and Asad Ramzanali, Politico) The administration needs to shift focus away from providing chips and datacenters to the world’s richest companies.
A critical remote code execution (RCE) vulnerability, dubbed ‘React2Shell’, affecting React Server Components (RSC) and Next.js, is allowing unauthenticated attackers to perform server-side code attacks via malicious HTTP requests.
Discovered by Lachlan Davidson, the flaw stems from insecure deserialization in the RSC ‘Flight’ protocol and impacts packages including react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack. Exploitation is highly reliable, even in default deployments, and a single request can compromise the full Node.js process. The flaw is being tracked as CVE-2025-55182. Originally tagged as a CVE for Next.js, NIST subsequently rejected CVE-2025-66478, as it is a duplicate of CVE-2025-55182.
This blog post includes the critical, immediate actions recommended to secure your environment, new and existing Platform Detection Rules designed to defend against this vulnerability, and information on how SentinelOne Offensive Security Engine, a core component of the Singularity Cloud Security solution, allows our customers to quickly identify potentially vulnerable workloads.
What is React2Shell? Background & Impact
On December 3, 2025, the React and Next.js teams disclosed two related vulnerabilities in the React Server Components (RSC) Flight protocol: CVE-2025-55182 (React) and CVE-2025-66478 (Next.js), with the latter CVE now marked by NIST as a duplicate.
Both enable unauthenticated RCE, impacting applications that use RSC directly or through popular frameworks such as Next.js. These vulnerabilities are rated critical (CVSS 10.0) because exploitation requires only a crafted HTTP request. No authentication, user action, or developer-added server code is needed for an attacker to gain control of the underlying Node.js process.
The vulnerability exists because RSC payloads are deserialized without proper validation, exposing server functions to attacker-controlled inputs. Since many modern frameworks enable RSC as part of their default build, some teams may be exposed without being aware that server-side RSC logic is active in their environment.
Security testing currently shows:
Exploitation can succeed with near 100% reliability
Default configurations are exploitable, including a standard Next.js app created with create-next-app and deployed with no code changes
Applications may expose RSC endpoints even without custom server functions
A single malicious request can escalate to full Node.js process compromise
Security researchers warn that cloud environments and server-side applications using default React or Next.js builds are particularly at risk. Exploitation could allow attackers to gain full control over servers, access sensitive data, and compromise application functionality. Reports have already emerged of China-nexus threat groups “racing to weaponize” the flaw.
Companies are advised to review deployments, restrict unnecessary server-side exposure, and monitor logs for anomalous RSC requests. Securing default configurations, validating deserialized input, and maintaining a regular patch management schedule can prevent attackers from exploiting framework-level vulnerabilities in production applications.
Update React by installing the patched versions of React as listed above.
Update Next.js and other RSC-enabled frameworks as listed above. Ensure the latest framework and bundler releases are installed so they ship the patched React server bundles.
Review deployment behavior by checking whether your organization’s workloads expose RSC server function endpoints. These may exist regardless of whether developers added custom server functions.
How SentinelOne Protects Our Customers
Cloud Native Security – Offensive Security Engine
SentinelOne’s Offensive Security Engine (OSE), core component of its Singularity Cloud Security solution, proactively distinguishes between theoretical risks and actual threats by simulating an attacker’s methodology. Rather than relying solely on static scans that flag every potential misconfiguration or vulnerability, this engine automatically conducts safe, harmless simulations against your cloud infrastructure to validate exploitability.
This approach delivers differentiated outcomes by radically reducing alert fatigue and focusing security teams on immediate, confirmed dangers. By providing concrete evidence of exploitability—such as screenshots or code snippets of the successful simulation—it eliminates the need for manual validation and “red teaming” of every alert. Shift from chasing hypothetical vulnerabilities to remediating verified attack vectors, ensuring resources are always deployed against the risks that pose a genuine threat to their environment.
In response to this vulnerability, SentinelOne released a new OSE plugin which can verify exploitability of these vulnerabilities for publicly accessible workloads using a defanged (i.e., harmless) HTTP payload.
Viewing Misconfigurations in the SentinelOne Console
SentinelOne customers can quickly identify potentially vulnerable workloads using the Misconfigurations page in the SentinelOne Console.
Search for:
React & Next.js (React Server Components) Versions 19.0.0–19.2.0 Vulnerable to Pre-Authentication Remote Code Execution via Unsafe Deserialization (CVE-2025-55182)
This highlights Node.js workloads that are exposing RSC-related server function endpoints. Once identified, affected assets can be patched or temporarily isolated. SentinelOne CNS also detects suspicious Node.js behavior associated with exploitation attempts, providing protection while updates are deployed.
It identifies verified exploitable paths on your publicly exposed assets, confirming which systems are truly at risk. By validating exploitability rather than simply flagging theoretical vulnerabilities, Singularity Cloud Security minimizes noise and provides concrete evidence so security teams can focus on what matters.
Wayfinder Threat Hunting
The Wayfinder Threat Hunting team is proactively hunting for this emerging threat by leveraging comprehensive threat intelligence. This includes, but is not limited to, indicators and tradecraft associated with known active groups such as Earth Lamia and Jackpot Panda.
Our current operational coverage includes:
Atomic IOC Hunting: We have updated our atomic IOC library to include known infrastructure and indicators from these threat actors, as well as broader intelligence regarding this campaign.
Behavioral Hunting: We are actively building and executing hunts designed to detect behavioral TTP matches that identify suspicious activity beyond static indicators.
Notification & Response All identified true positive findings will generate alerts within the console for the affected sites. For clients with MDR, the MDR team will actively review these alerts and manage further escalation as required.
Platform Detection Rules
SentinelOne’s products provide a variety of detections for potential malicious follow-on reverse shell behaviors and other actions which may follow this exploit. As of December 5, 2025, SentinelOne released new Platform Detection Rules specifically to detect observed in-the-wild exploit activity. We recommend customers apply the latest detection rule, Potential Exploitation via Insecure Deserialization of React Server Components (RSC), urgently to ensure maximum protection.
Additionally, SentinelOne recommends customers verify the following existing rules have also been enabled:
Potential Reverse Shell via Shell Processes
Potential Reverse Shell via Node
Potential Reverse Shell via Python
Reverse Shell via Perl Utility
Potential Reverse Shell via AWK Utility
Potential Reverse Shell via GDB Utility
Potential Reverse Shell via Lua Utility
Potential Reverse Shell via Netcat
Potential Reverse Shell using Ruby Utility
Potential Reverse Shell via Socat Utility
Conclusion
CVE-2025-55182 and CVE-2025-66478 represent critical risks within the React Server Components Flight protocol. Because frameworks like Next.js enable RSC by default, many environments may be exposed even without intentional server-side configuration. Updating React, updating dependent frameworks, and verifying whether RSC endpoints exist in your organization’s workloads are essential steps.
Singularity Cloud Security helps organizations reduce risk by identifying vulnerable workloads, flagging misconfigurations, and detecting malicious Node.js behavior linked to RCE exploitation. This provides immediate visibility and defense while patches are applied.
Learn more about SentinelOne’s Cloud Security portfolio here or book a demo with our expert team today.
Third-Party Trademark Disclaimer:
All third-party product names, logos, and brands mentioned in this publication are the property of their respective owners and are for identification purposes only. Use of these names, logos, and brands does not imply affiliation, endorsement, sponsorship, or association with the third-party.
CVE-2025-55182 is a critical (CVSS 10.0) pre-authentication remote code execution vulnerability affecting React Server Components used in React.js, Next.js, and related frameworks (see the context section for a more exhaustive list of affected frameworks).
Chinese-sponsored groups are using the popular Brickstorm backdoor to access and gain persistence in government and tech firm networks, part of the ongoing effort by the PRC to establish long-term footholds in agency and critical infrastructure IT environments, according to a report by U.S. and Canadian security offices.
Remember when Apple put that U2 album in everyone's music libraries? India wanted to do that to all of its citizens, but with a cybersecurity app. It wasn't a good idea.
Login
Homeland Security Newswire
Trend Micro Research News
