LoginReact2Shell Attacks Linked to North Korean Hackers
North Korean threat actors are believed to be behind CVE-2025-55182 exploitation delivering EtherRAT.
The post React2Shell Attacks Linked to North Korean Hackers appeared first on SecurityWeek.
Reading view
Identity Security Firm Saviynt Raises $700 Million at $3 Billion ValuationΒ
The funding round was led by KKR, with participation from Sixth Street Growth, TenEleven, and Carrick Capital Partners.
The post Identity Security Firm Saviynt Raises $700 Million at $3 Billion ValuationΒ appeared first on SecurityWeek.
Proofpoint Completes $1.8 Billion Acquisition of HornetsecurityΒ
Proofpoint said Hornetsecurity brings in nearly $200 million in annual recurring revenue, with a 20% year-over-year growth rate.
The post Proofpoint Completes $1.8 Billion Acquisition of HornetsecurityΒ appeared first on SecurityWeek.
Over 300,000 Individuals Impacted by Vitas Hospice Data Breach
Vitas, the largest for-profit hospice chain in the United States, discovered a cybersecurity intrusion in October.
The post Over 300,000 Individuals Impacted by Vitas Hospice Data Breach appeared first on SecurityWeek.
Tri-Century Eye Care Data Breach Impacts 200,000 Individuals
Tri-Century Eye Care was targeted recently by the Pear ransomware group, which claimed to have stolen over 3 Tb of data.Β
The post Tri-Century Eye Care Data Breach Impacts 200,000 Individuals appeared first on SecurityWeek.
Exploitation of React2Shell Surges
An increasing number of threat actors have been attempting to exploit the React vulnerability CVE-2025-55182 in their attacks.
The post Exploitation of React2Shell Surges appeared first on SecurityWeek.
Cloudflare Outage Caused by React2Shell Mitigations
The critical React vulnerability has been exploited in the wild by Chinese and other threat actors.
The post Cloudflare Outage Caused by React2Shell Mitigations appeared first on SecurityWeek.
Aisuru Botnet Powers Record DDoS Attack Peaking at 29 Tbps
Cloudflare recently mitigated a new record-breaking Aisuru attack that peaked at 14.1 Bpps.
The post Aisuru Botnet Powers Record DDoS Attack Peaking at 29 Tbps appeared first on SecurityWeek.
Chinese Hackers Exploiting React2Shell Vulnerability
AWS has seen multiple China-linked threat groups attempting to exploit the React vulnerability CVE-2025-55182.
The post Chinese Hackers Exploiting React2Shell Vulnerability appeared first on SecurityWeek.
Cybersecurity M&A Roundup: 30 Deals Announced in November 2025
Significant cybersecurity M&A deals announced by Arctic Wolf, Bugcrowd, Huntress, Palo Alto Networks, and Zscaler.
The post Cybersecurity M&A Roundup: 30 Deals Announced in November 2025 appeared first on SecurityWeek.
Global Cyber Agencies Issue AI Security Guidance for Critical Infrastructure OT
The 25-page document outlines four principles for securely integrating AI with operational technology.
The post Global Cyber Agencies Issue AI Security Guidance for Critical Infrastructure OT appeared first on SecurityWeek.
React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability
A researcher has pointed out that only instances using a newer feature are impacted by CVE-2025-55182.
The post React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability appeared first on SecurityWeek.
ServiceNow to Acquire Identity Security Firm Veza in Reported $1 Billion DealΒ
Veza Security was recently valued at more than $800 million after raising $108 million in Series D funding.
The post ServiceNow to Acquire Identity Security Firm Veza in Reported $1 Billion DealΒ appeared first on SecurityWeek.
Penn and Phoenix Universities Disclose Data Breach After Oracle Hack
The University of Pennsylvania and the University of Phoenix confirm that they are victims of the recent Oracle EBS hacking campaign.
The post Penn and Phoenix Universities Disclose Data Breach After Oracle Hack appeared first on SecurityWeek.
re:Invent 2025: AWS and Security Vendors Unveil New Products and CapabilitiesΒ
AWS and cybersecurity vendors have made several announcements at the cloud giantβs re:Invent 2025 event.Β
The post re:Invent 2025: AWS and Security Vendors Unveil New Products and CapabilitiesΒ appeared first on SecurityWeek.
Vulnerability in OpenAI Coding Agent Could Facilitate Attacks on Developers
The Codex CLI vulnerability tracked as CVE-2025-61260 can be exploited for command execution.
The post Vulnerability in OpenAI Coding Agent Could Facilitate Attacks on Developers appeared first on SecurityWeek.
$29 Million Worth of Bitcoin Seized in Cryptomixer Takedown
Cryptomixer was targeted by law enforcement in Operation Olympia for facilitating cybercrime and money laundering.Β
The post $29 Million Worth of Bitcoin Seized in Cryptomixer Takedown appeared first on SecurityWeek.
New Albiriox Android Malware Developed by Russian Cybercriminals
Albiriox is a banking trojan offered under a malware-as-a-service model for $720 per month.
The post New Albiriox Android Malware Developed by Russian Cybercriminals appeared first on SecurityWeek.
CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack
CISA has added CVE-2021-26829 to its Known Exploited Vulnerabilities (KEV) catalog.
The post CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack appeared first on SecurityWeek.
Australian Man Sentenced to Prison for Wi-Fi Attacks at Airports and on Flights
Michael Clapsis has been sentenced to 7 years and 4 months in prison for stealing sensitive information.
The post Australian Man Sentenced to Prison for Wi-Fi Attacks at Airports and on Flights appeared first on SecurityWeek.
