InfoWorld

React2Shell is the Log4j moment for front end development

Attackers are exploiting a Flight protocol validation failure that allows them to execute arbitrary code without ...
SecurityWeek

From Open Source to OpenAI: The Evolution of Third-Party Risk

Software supply chain attacks are evolving as open source and AI-generated code introduce new third-party risks. Learn how ...
Dark Reading

5 Threats That Defined Security in 2025

2025 included a number of monumental threats, from global nation-state attacks to a critical vulnerability under widespread ...
Information Age

Tech predictions for 2026 – AI, cybersecurity, data and more

As we head into the New Year, experts across the tech landscape weigh in to share what they think will happen in 2026 ...

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

Solving The Clarity Problem For Vulnerability Management

As disclosure-to-exploitation timelines compress, organizations are rethinking how they validate exploitability and ...
eWeek

LangChain AI Vulnerability Exposes Millions of Apps

A critical LangChain AI vulnerability exposes millions of apps to theft and code injection, prompting urgent patching and ...

MongoDB warns admins to patch severe vulnerability immediately

MongoDB has warned IT admins to immediately patch a high-severity memory-read vulnerability that may be exploited by ...
The Hacker News

ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories

The latest ThreatsDay Bulletin breaks down the week’s biggest stories — rootkits evading Windows, Docker leaks, AI risks and global surveillance moves ...