Barts Health NHS confirms Cl0p ransomware breach via Oracle flaw. Invoice data exposed. Patient records and clinical systems remain unaffected.

Security teams worldwide are rushing to patch systems after the disclosure of a critical React vulnerability, CVE-2025-55182, widely known as “React2Shell.” The flaw affects React Server Components (RSC) and has a maximum CVSS score of 10, the highest possible rating, signaling critical impact and ease of exploitation. Censys telemetry shows that more than 2.15 million internet‑facing services are […]

The post 2.15M Next.js Web Services Exposed Online, Active Attacks Reported – Update Immediately appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly discovered Android banking trojan, FvncBot, has emerged as a sophisticated threat targeting mobile banking users in Poland. Researchers from Intel 471 first identified this malware on November 25, 2025, disguised as a security application from mBank, one of Poland’s most prominent banking institutions.​ Novel Malware with Advanced Capabilities FvncBot represents an entirely new […]

The post FvncBot Android Malware Steals Keystrokes and Injects Harmful Payloads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The dangerous ClayRat Android spyware has evolved, gaining the ability to steal PINs, record screens, and disable security by abusing Accessibility Services. Users must beware of fake apps spreading through phishing sites and Dropbox.

SAFA researchers uncovered four kernel heap overflow vulnerabilities in Avast Antivirus’s aswSnx.sys driver, designated CVE-2025-13032, affecting versions before 25.3 on Windows. These flaws originate from double-fetch issues in IOCTL handling, allow local attackers to trigger pool overflows for privilege escalation to SYSTEM. The vulnerabilities require sandbox manipulation to access the attack surface, marking a reversal […]

The post Avast Antivirus Sandbox Vulnerabilities Allow Privilege Escalation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly disclosed critical vulnerability in Apache Tika could allow attackers to compromise servers by simply uploading a malicious PDF file, according to a security advisory published by Apache maintainers. Tracked as CVE-2025-66516, the flaw affects Apache Tika core, Apache Tika parsers, and the Apache Tika PDF parser module. CVE ID Severity Vulnerability Type Affected Component Affected Versions CVE-2025-66516 Critical XML External […]

The post Apache Tika Core Flaw Allows Attackers to Exploit Systems with Malicious PDF Uploads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aikido Security exposes a new AI prompt injection flaw in GitHub/GitLab pipelines, letting attackers steal secrets. Major companies affected.

A critical command injection vulnerability in Array Networks’ ArrayOS AG systems has become the focus of active exploitation campaigns, with Japanese organizations experiencing confirmed attacks since August 2025. According to alerts from JPCERT/CC, threat actors are leveraged the vulnerability to install webshells and establish persistent network access, marking a significant escalation in targeting enterprise VPN infrastructure. The […]

The post Hackers Exploiting ArrayOS AG VPN Vulnerability to Deploy Webshells appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The UK’s National Cyber Security Centre (NCSC) has introduced a new initiative designed to protect organisations from cyber threats. Working alongside Netcraft, the NCSC has launched the Proactive Notification Service, a groundbreaking program that identifies and alerts system owners about security vulnerabilities affecting their networks. How the Service Works The Proactive Notification Service operates by scanning […]

The post NCSC Launches Proactive Notification Service to Alert System Owners of Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly disclosed security flaw in the open-source monitoring platform Cacti could allow attackers to execute arbitrary commands on vulnerable servers. The issue, rated High severity and tracked as CVE-2025-66399, affects Cacti versions up to and including 1.2.28. The problem has been fixed in Cacti 1.2.29. The vulnerability stems from improper input validation in the SNMP device configuration workflow. When an authenticated […]

The post Cacti Command Injection Flaw Allows Remote Execution of Malicious Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Within hours of the public disclosure of CVE-2025-55182 on December 3, 2025, Amazon threat intelligence teams detected active exploitation attempts from multiple China-nexus threat groups, including Earth Lamia and Jackpot Panda. This critical vulnerability in React Server Components carries a maximum CVSS score of 10.0 and poses an immediate threat to organizations running vulnerable versions […]

The post China-Nexus Hackers Exploiting React2Shell Vulnerability in Active Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

AWS has seen multiple China-linked threat groups attempting to exploit the React vulnerability CVE-2025-55182.

The post Chinese Hackers Exploiting React2Shell Vulnerability appeared first on SecurityWeek.

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), joined by Canadian cyber authorities, have issued a joint alert warning of a sophisticated new malware campaign dubbed “BRICKSTORM.” According to the advisory released, state-sponsored hackers from the People’s Republic of China (PRC) are actively using this tool to infiltrate and hide […]

The post CISA, NSA Alert on BRICKSTORM Malware Targeting VMware ESXi and Windows Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cloudflare's Q3 2025 DDoS Threat Report reveals the Aisuru botnet launched a record 29.7 Tbps attack. Learn which sectors were the most targeted, and the key drivers behind the surge in attacks.

Security and developer teams are scrambling to address a highly critical security flaw in frameworks tied to the popular React JavaScript library. Not only is the vulnerability, which also is in the Next.js framework, easy to exploit, but React is widely used, including in 39% of cloud environments.

The post Dangerous RCE Flaw in React, Next.js Threatens Cloud Environments, Apps appeared first on Security Boulevard.

Cybersecurity startup AISLE discovered a Medium severity flaw in the WebXR component of Chrome, Edge, and other Chromium browsers. Over 4 billion devices were at risk. Update now.

Security researchers have released a specialized scanning tool to identify vulnerable React Server Component (RSC) endpoints in modern web applications, addressing a critical gap in the detection of CVE-2025-55182. New Detection Approach Challenges Existing Security Assumptions A newly available Python-based scanner is transforming how organizations assess their exposure to CVE-2025-55182 by introducing a sophisticated surface […]

The post New Scanner Released to Detect Exposed ReactJS and Next.js RSC Endpoints (CVE-2025-55182) appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A high security vulnerability has been discovered in Vim for Windows that could allow attackers to run malicious code on affected systems. The flaw, tracked as CVE-2025-66476, affects Vim versions earlier than 9.1.1947 and received a high severity rating due to its serious implications for Windows users. Attribute Details CVE ID CVE-2025-66476 Product Vim for […]

The post Vim for Windows Flaw Lets Attackers Execute Arbitrary Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Akamai has fixed a vulnerability in its edge servers that could have allowed HTTP Request Smuggling attacks. The issue was entirely resolved on November 17, 2025, and the company says no action is needed from customers. The flaw is now tracked as CVE-2025-66373. Field Detail CVE ID CVE-2025-66373 Vendor Akamai Component Akamai edge servers Vulnerability […]

The post Akamai Fixes HTTP Request Smuggling Flaw in Edge Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A severe remote code execution vulnerability in the Sneeit Framework WordPress plugin is under active exploitation, with attackers launching thousands of attacks within hours of public disclosure. WordPress site administrators must immediately update to version 8.4 or later to prevent complete site compromise. On June 10th, 2025, a remote code execution vulnerability was discovered in […]

The post WordPress Plugin Vulnerability Under Active Attack, Allowing Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.