Dec 13, 2025 | Ravie Lakshmanan | Network Security / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on…
Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
Dec 13, 2025 | Ravie Lakshmanan | Zero-Day / Vulnerability
Apple on Friday released security updates for iOS, iPadOS, macOS,…
Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
Cybersecurity researchers are calling attention to a new campaign that’s leveraging GitHub-hosted Python repositories to distribute…
React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation
Dec 12, 2025 | Ravie Lakshmanan | Vulnerability / Threat Intelligence
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has…
New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale
Cybersecurity researchers have documented four new phishing kits named BlackForce, GhostFrame, InboxPrime AI, and Spiderman that…
New React RSC Vulnerabilities Enable DoS and Source Code Exposure
Dec 12, 2025 | Ravie Lakshmanan | Software Security / Vulnerability
The React team has released fixes for two new…
Policy, Isolation, and Data Controls That Actually Work
The browser has become the main interface to GenAI for most enterprises: from web-based LLMs and…
CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog
Dec 12, 2025 | Ravie Lakshmanan | Vulnerability / Server Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on…
Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks
Dec 11, 2025 | Ravie Lakshmanan | Vulnerability / Cloud Security
A high-severity unpatched security vulnerability in Gogs has come…
The Impact of Robotic Process Automation (RPA) on Identity and Access Management
Dec 11, 2025 | The Hacker News | Automation / Compliance
As enterprises refine their strategies for handling Non-Human Identities…