The PCIe flaws, found by Intel employees, can be exploited for information disclosure, escalation of privilege, or DoS.
The post Intel, AMD Processors Affected by PCIe Vulnerabilities appeared first on SecurityWeek.
Microsoft Patches 57 Vulnerabilities, Three Zero-Days
Microsoft has addressed a Windows vulnerability exploited as zero-day that allows attackers to obtain System privileges.
The post Microsoft Patches 57 Vulnerabilities, Three Zero-Days appeared first on SecurityWeek.
Exploitation of React2Shell Surges
An increasing number of threat actors have been attempting to exploit the React vulnerability CVE-2025-55182 in their attacks.
The post Exploitation of React2Shell Surges appeared first on SecurityWeek.
Cloudflare Outage Caused by React2Shell Mitigations
The critical React vulnerability has been exploited in the wild by Chinese and other threat actors.
The post Cloudflare Outage Caused by React2Shell Mitigations appeared first on SecurityWeek.
Chinese Hackers Exploiting React2Shell Vulnerability
AWS has seen multiple China-linked threat groups attempting to exploit the React vulnerability CVE-2025-55182.
The post Chinese Hackers Exploiting React2Shell Vulnerability appeared first on SecurityWeek.
React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability
A researcher has pointed out that only instances using a newer feature are impacted by CVE-2025-55182.
The post React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability appeared first on SecurityWeek.
Microsoft Silently Mitigated Exploited LNK Vulnerability
Windows now displays in the properties tab of LNK files critical information that could reveal malicious code.
The post Microsoft Silently Mitigated Exploited LNK Vulnerability appeared first on SecurityWeek.
Android’s December 2025 Updates Patch Two Zero-Days
Google warns that two out of the 107 vulnerabilities patched in Android this month have been exploited in limited, targeted attacks.
The post Android’s December 2025 Updates Patch Two Zero-Days appeared first on SecurityWeek.
Facial Recognition’s Trust Problem
Two technologies — one for public safety, one for controlled entry — show why trust in facial recognition must be earned, not assumed.
The post Facial Recognition’s Trust Problem appeared first on SecurityWeek.
CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack
CISA has added CVE-2021-26829 to its Known Exploited Vulnerabilities (KEV) catalog.
The post CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack appeared first on SecurityWeek.
