An increasing number of threat actors have been attempting to exploit the React vulnerability CVE-2025-55182 in their attacks.

The post Exploitation of React2Shell Surges appeared first on SecurityWeek.

Other noteworthy stories that might have slipped under the radar: Akamai patches HTTP smuggling vulnerability, Claude Skills used to execute ransomware, PickleScan flaws.

The post In Other News: X Fined €120 Million, Array Flaw Exploited, New Iranian Backdoor appeared first on SecurityWeek.

The critical React vulnerability has been exploited in the wild by Chinese and other threat actors.

The post Cloudflare Outage Caused by React2Shell Mitigations appeared first on SecurityWeek.

The cybersecurity startup detects impersonation risk in real-time, across video, phone, and chat communication.

The post Imper.ai Emerges From Stealth Mode With $28 Million in Funding appeared first on SecurityWeek.

Warp Panda has been using the BrickStorm, Junction, and GuestConduit malware in attacks against US organizations.

The post US Organizations Warned of Chinese Malware Used for Long-Term Persistence appeared first on SecurityWeek.

The startup will invest in expanding its engineering and research teams, deepening product integrations, and scaling go-to-market efforts.

The post Lumia Security Raises $18 Million for AI Security and Governance appeared first on SecurityWeek.

Cloudflare recently mitigated a new record-breaking Aisuru attack that peaked at 14.1 Bpps.

The post Aisuru Botnet Powers Record DDoS Attack Peaking at 29 Tbps appeared first on SecurityWeek.

Helmet Security has built an end-to-end platform that secures the infrastructure for agentic AI communication.

The post Helmet Security Emerges From Stealth Mode With $9 Million in Funding appeared first on SecurityWeek.

AWS has seen multiple China-linked threat groups attempting to exploit the React vulnerability CVE-2025-55182.

The post Chinese Hackers Exploiting React2Shell Vulnerability appeared first on SecurityWeek.

The Ministry of Communications on had asked smartphone makers to install the government’s “Sanchar Saathi” app within 90 days and to prevent users from disabling it.

The post India Rolls Back Order to Preinstall Cybersecurity App on Smartphones appeared first on SecurityWeek.

Significant cybersecurity M&A deals announced by Arctic Wolf, Bugcrowd, Huntress, Palo Alto Networks, and Zscaler.

The post Cybersecurity M&A Roundup: 30 Deals Announced in November 2025 appeared first on SecurityWeek.

Established in 2024 by Cybereason co-founders Lior Div and Yonatan Striem-Amit, the company has raised a total of $166 million in funding.

The post Agentic Security Firm 7AI Raises $130 Million appeared first on SecurityWeek.

Hackers stole the names, addresses, Social Security numbers, and financial and medical information of 9,542 people.

The post Inotiv Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.

The state-sponsored hackers relied on phishing emails to deliver a malicious payload to Reporters Without Borders (RSF).

The post Reporters Without Borders Targeted by Russian Hackers appeared first on SecurityWeek.

The 25-page document outlines four principles for securely integrating AI with operational technology.

The post Global Cyber Agencies Issue AI Security Guidance for Critical Infrastructure OT appeared first on SecurityWeek.

Freedom Mobile says hackers stole customers’ personal information from its account management platform.

The post Personal Information Compromised in Freedom Mobile Data Breach appeared first on SecurityWeek.

The compromised personal and financial information includes names, addresses, Social Security numbers, and card numbers.

The post Marquis Data Breach Impacts Over 780,000 People appeared first on SecurityWeek.

A researcher has pointed out that only instances using a newer feature are impacted by CVE-2025-55182.

The post React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability appeared first on SecurityWeek.

The startup will invest the funds in accelerating development of its second-generation fully homomorphic encryption (FHE) platforms.

The post Niobium Raises $23 Million for FHE Hardware Acceleration appeared first on SecurityWeek.

A critical-severity vulnerability in the King Addons for Elementor plugin for WordPress has been exploited to take over websites.

The post Critical King Addons Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek.