Bleeping Computer

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities. Previously spread through pirated software ...
Dark Reading

RondoDox Botnet Expands Scope With React2Shell Exploitation

Recent attacks are targeting Next.js servers and pose a significant threat of cryptomining and other malicious activity to ...
Bleeping Computer

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First documented by Fortinet in July ...
The Hacker News

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

Microsoft’s January 2026 Patch Tuesday fixes 114 Windows flaws, including an actively exploited Desktop Window Manager bug ...
CRN

10 Major Cyberattacks And Data Breaches In 2025

A common thread running through many of the biggest cyberattacks and data breaches in 2025 was a lack of visibility by organizations into their own IT systems—a weakness that attackers exploited again ...