In December, the botnet’s operators focused on weaponizing the flaw to compromise vulnerable Next.js servers.
The post RondoDox Botnet Exploiting React2Shell Vulnerability appeared first on SecurityWeek.
Covenant Health Data Breach Impacts 478,000 Individuals
The Qilin ransomware group hacked the healthcare organization and stole data from its systems in May 2025.
The post Covenant Health Data Breach Impacts 478,000 Individuals appeared first on SecurityWeek.
Adobe ColdFusion Servers Targeted in Coordinated Campaign
GreyNoise has observed thousands of requests targeting a dozen vulnerabilities in Adobe ColdFusion during the Christmas 2025 holiday.
The post Adobe ColdFusion Servers Targeted in Coordinated Campaign appeared first on SecurityWeek.
Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist
The worm exposed Trust Wallet’s Developer GitHub secrets, allowing attackers to publish a backdoor extension and steal funds from 2,520 wallets.
The post Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist appeared first on SecurityWeek.
European Space Agency Confirms Breach After Hacker Offers to Sell Data
The European Space Agency is conducting an investigation and says external science servers have been compromised.
The post European Space Agency Confirms Breach After Hacker Offers to Sell Data appeared first on SecurityWeek.
8 Cybersecurity Acquisitions Surpassed $1 Billion Mark in 2025
The total disclosed value for all the cybersecurity M&A deals announced in 2025 exceeded $84 billion.
The post 8 Cybersecurity Acquisitions Surpassed $1 Billion Mark in 2025 appeared first on SecurityWeek.
Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit
The threat actor uses a signed driver file containing two user-mode shellcodes to execute its ToneShell backdoor.
The post Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit appeared first on SecurityWeek.
Korean Air Data Compromised in Oracle EBS Hack
Roughly 30,000 Korean Air employees had their data stolen by hackers in a breach at former subsidiary KC&D.
The post Korean Air Data Compromised in Oracle EBS Hack appeared first on SecurityWeek.
Top US Accounting Firm Sax Discloses 2024 Data Breach Impacting 220,000
It took Sax well over a year to complete its investigation after detecting hackers on its network.
The post Top US Accounting Firm Sax Discloses 2024 Data Breach Impacting 220,000 appeared first on SecurityWeek.
Fortinet Warns of New Attacks Exploiting Old Vulnerability
Tracked as CVE-2020-12812, the exploited FortiOS flaw allows threat actors to bypass two-factor authentication.
The post Fortinet Warns of New Attacks Exploiting Old Vulnerability appeared first on SecurityWeek.
